Call a hidden function, is it possible ?

[Arquitecto]

Hi ,i would like to give u a piece of code and discuss if it is
possible to call the hidden_function without modify code to call it .
I have read on internet about buffer overflows and i can overwrite
overwrite instruction pointer to point to start of the
hidden_function . But i see that on my ubuntu with my

gcc version 4.1.2 (Ubuntu 4.1.2-0ubuntu4) i get a

../test AAAAAAAAAAAAA
*** stack smashing detected ***: ./test terminated

i think this protection blocks me ,right ? Is there any other
technique i can call that hidden fuction ? And lets say we got a linux
binary ,that we dont know his source code ,is there any way to
determine hidden fuctions that may that binary have ? As an owner i
can maybe disable those protections from gcc but if i dont have the
source and only the binary ??? I would like to hear your opinions on
that , thanx in advance

#include <stdio.h>
#include <string.h>

void hidden_function()
{
printf("you find me \n");
}


main(int argc, char *argv[])
{
char buffer[10];
if (argc < 2) {
fprintf(stderr, "usage: %s string \n", argv[0]);
return 1;
}
strcpy(buffer, argv[1]);
return 0;
}

 

[jacob navia]

Hi ,i would like to give u a piece of code and discuss if it is
possible to call the hidden_function without modify code to call it .
I have read on internet about buffer overflows and i can overwrite
overwrite instruction pointer to point to start of the
hidden_function . But i see that on my ubuntu with my

gcc version 4.1.2 (Ubuntu 4.1.2-0ubuntu4) i get a

./test AAAAAAAAAAAAA
*** stack smashing detected ***: ./test terminated

i think this protection blocks me ,right ? Is there any other
technique i can call that hidden fuction ? And lets say we got a linux
binary ,that we dont know his source code ,is there any way to
determine hidden fuctions that may that binary have ? As an owner i
can maybe disable those protections from gcc but if i dont have the
source and only the binary ??? I would like to hear your opinions on
that , thanx in advance

#include <stdio.h>
#include <string.h>

void hidden_function()
{
printf("you find me \n");
}


main(int argc, char *argv[])
{
char buffer[10];
if (argc < 2) {
fprintf(stderr, "usage: %s string \n", argv[0]);
return 1;
}
strcpy(buffer, argv[1]);
return 0;
}

Look. If you want a class about how to write a virus/malicious software
please go somewhere else.

 

[William Pursell]

Hi ,i would like to give u a piece of code and discuss if it is
possible to call the hidden_function without modify code to call it .

#include <stdlib.h>
#define main foo
#include "your_code.c"
#undef main

int
main( void )
{
hidden_function();
return EXIT_SUCCESS;
}


This protects you entirely from the buffer overflow present
in your main routine.

 

[Arquitecto]

To jacob ,

i prefer to post your thought on that subject and not judge the
content . I am here to learn and spent my replies replying on usefull
answers ... really sorry for ur answer .. No i will not hack your PC
by discussing how some things work .And i think bypassing some
protections is a challenge for solving and i am here to discuss all
those things .

to William Pursell ,

yea this is usefull if have the source file and is a nice thing i
didnt knew . thanks for the answer . but if you dont have the source
code to include ?? and you only have the binary and now that a hidden
function exists .

And if some people think that i ask how to hack the planet dont worry
you are safe


jacob navia :

Hi ,i would like to give u a piece of code and discuss if it is
possible to call the hidden_function without modify code to call it .
I have read on internet about buffer overflows and i can overwrite
overwrite instruction pointer to point to start of the
hidden_function . But i see that on my ubuntu with my

gcc version 4.1.2 (Ubuntu 4.1.2-0ubuntu4) i get a

./test AAAAAAAAAAAAA
*** stack smashing detected ***: ./test terminated

i think this protection blocks me ,right ? Is there any other
technique i can call that hidden fuction ? And lets say we got a linux
binary ,that we dont know his source code ,is there any way to
determine hidden fuctions that may that binary have ? As an owner i
can maybe disable those protections from gcc but if i dont have the
source and only the binary ??? I would like to hear your opinions on
that , thanx in advance

#include <stdio.h>
#include <string.h>

void hidden_function()
{
printf("you find me \n");
}


main(int argc, char *argv[])
{
char buffer[10];
if (argc < 2) {
fprintf(stderr, "usage: %s string \n", argv[0]);
return 1;
}
strcpy(buffer, argv[1]);
return 0;
}

Look. If you want a class about how to write a virus/malicious software
please go somewhere else.

 

[Peter Nilsson]

To jacob ,

i prefer to post your thought on that subject
and not judge the content .

Your subject is how to detect buffer overflow when all you
have is the binary. Since you don't have a question about
the C language, I'm afraid your post isn't topical in
comp.lang.c.

I am here to learn and spent my replies replying on
usefull answers ... really sorry for ur answer .. No
i will not hack your PC by discussing how some things
work .And i think bypassing some
protections is a challenge for solving

Perhaps, but it is not topical here.

and i am here to discuss all
those things .

And we're not preventing you from discussing them, we're
just asking that you discus them in a group where it is
topical.

More than happy to help you with any C issues you might
have.

 

[Sheth Raxit]

Hi ,i would like to give u a piece of code and discuss if it is
possible to call the hidden_function without modify code to call it .
I have read on internet about buffer overflows and i can overwrite
overwrite instruction pointer to point to start of the
hidden_function . But i see that on my ubuntu with my

gcc version 4.1.2 (Ubuntu 4.1.2-0ubuntu4) i get a

./test AAAAAAAAAAAAA
*** stack smashing detected ***: ./test terminated

i think this protection blocks me ,right ? Is there any other
technique i can call that hidden fuction ? And lets say we got a linux
binary ,that we dont know his source code ,is there any way to
determine hidden fuctions that may that binary have ? As an owner i

do strings,nm,obj command, you'll get more info (i am not expert in
this,but why not to try!)

I found the interesting material here (NOT Related to C) for the kind
of thing you are trying to do.
http://cr.yp.to/2004-494.html

can maybe disable those protections from gcc but if i dont have the
source and only the binary ??? I would like to hear your opinions on
that , thanx in advance

#include <stdio.h>
#include <string.h>

void hidden_function()
{
printf("you find me \n");

}

main(int argc, char *argv[])
{
char buffer[10];
if (argc < 2) {
fprintf(stderr, "usage: %s string \n", argv[0]);
return 1;
}
strcpy(buffer, argv[1]);
return 0;



}- Hide quoted text -

- Show quoted text -

regretting for replying to possible off-topic

-Raxit