I'm trying to cause a buffer overflow to overwrite a variable to execute the first part of the if statement. However, each time I try to do that a Segmentation fault error occurs with executing the second part of the if statement.

Here is the code:

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

int main(){
    char username[10];
    volatile int password = 0;
    scanf("%s", username);
    if(password != 0){
        printf("done\n");
    }else{
        printf("tryharder\n");
    }
    return 0;
}

I used gcc to compile it:

 gcc pwn.c -o pwn

I've also tried:

 gcc pwn.c -o pwn -fno-stack-protector

when I try to cause the memory to overflow I use:

 kali@salluc:~/$ ./pwn
 00000000000000000000000000000000000000000000000000
 tryharder
 Segmentation fault

I want to know what should I do to be able to overwrite the password variable and why the method I'm using is not working.

CodePudding user response：

How can I overflow the memory

You are doing that - putting more than 10 bytes into password array, overflowing it.

what should I do to be able to overwrite the password variable

On x86 stack grows toward numerically lower addresses. You have to put password before username, or move to a different platform.

#include <stdio.h>    
int main() {
    volatile int password = 0;
    char username[10];
    scanf("%s", username);
    if(password != 0){
        printf("done\n");
    }else{
        printf("tryharder\n");
    }
    return 0;
}

why the method I'm using is not working.

Because it does not overwrite password variable, it overwrites unrelated stack.