Share
## https://sploitus.com/exploit?id=DF94DA7C-2D0C-5AC4-90C7-7DFF23FA1202
# Buffer Overflow & Stack Smashing Exploit

## Overview
This project demonstrates a classic **Stack Smashing attack** on a C-based system program. The goal was to exploit a buffer overflow vulnerability in a target application (`vuln.c`) to gain root access via a reverse shell.

## Technical Skills Demonstrated
* **Security Concepts:** Buffer Overflows, Stack Layout, Memory Corruption.
* **Exploitation Techniques:** Payload crafting, NOP sleds, Return Address hijacking.
* **Defensive Bypassing:** Manually disabling ASLR (Address Space Layout Randomization) to simulate legacy system vulnerabilities.
* **Environment:** Linux (Kernel < 2.4) within a Virtual Machine.

## How it Works
The exploit targets a poorly-programmed buffer in `vuln.c`. By overflowing the buffer, I was able to overwrite the function's return address on the stack, redirecting execution to my own malicious shellcode.



## Execution
1. **Target:** A compiled version of `vuln.c`.
2. **The Exploit:** Running `exploit.c` which generates a payload containing:
   - A NOP sled for landing stability.
   - Shellcode to initiate a reverse shell.
   - The calculated memory address to overwrite the return pointer.

## Results
A successful attack resulted in a shell with `root` privileges. 
![Success Screenshot](./screenshots/success.png)

## Disclaimer
This project was created for educational purposes within the CECS 478 (Computer Security) course to understand memory safety and defensive programming.