Master the fundamental concepts of binary exploitation through this focused micro-challenge.
A stack buffer overflow occurs when a program writes more data into a stack-allocated buffer than it was designed to hold. The excess bytes overwrite adjacent memory, including the saved frame pointer and return address, potentially hijacking execution.
On x86-64, the stack grows downward with this layout (high to low addresses):
When strcpy(buf, input) writes past a char buf[16], the overflow corrupts RBP first, then the return address. On function return, the CPU jumps to the attacker-controlled address.
Vulnerable functions include gets(), strcpy(), strcat(), and sprintf() because they perform no bounds checking.
You will demonstrate a stack buffer overflow conceptually, printing the stack layout before and after corruption. Understanding this mechanism is the foundation for every stack-based exploitation technique in the rest of this subtrack.
Draw the stack from high to low addresses: return address at the top, saved RBP below it, then your buffer. A 24-byte write into a 16-byte buffer overwrites 8 bytes of saved RBP and 8 bytes of return address on x86-64. Defensive coding replaces strcpy with strncpy or snprintf, and compilers emit stack canaries when you build with -fstack-protector. Legacy codebases still contain unchecked copies.
Implement a C program that demonstrates a stack buffer overflow.
Requirements:
Success Criteria:
Three hints are available for this task, revealed one at a time inside the code workspace so you can struggle productively before seeing them.
Every task includes starter code, theory, and hidden tests so you can implement and verify locally in the browser.
How it works