How to conduct buffer overflow in PHP/Python?

php python buffer-overflow
user198729 picture user198729 · Jan 17, 2010 · Viewed 12.1k times · Source

Here is an example in c:

#include <stdio.h>
#include <string.h>

void bad() {
    printf("Oh shit really bad~!\r\n");
}

void foo() {
    char overme[4] = "WOW";
    *(int*)(overme+8) = (int)bad;
}

int main() {
   foo();
}

Answer

Ants Aasma picture Ants Aasma · Jan 17, 2010

The fact that Python and PHP are interpreted like suggested by others isn't actually the point. The point is that almost all of the APIs and language semantics that they expose are heavily error-checked making it impossible to have exploitable undefined behavior. Even if you compile the languages, it would still be impossible. This doesn't mean that you couldn't expose unsafe APIs that can do whatever. In fact, using Pythons ctypes module, it should be possible to create a similar behavior, but significantly harder to do so by accident.

Related questions

Running a Python script from PHP

I'm trying to run a Python script from PHP using the following command: exec('/usr/bin/python2.7 /srv/http/assets/py/switch.py arg1 arg2'); However, PHP simply doesn't produce any output. Error reporting is set to E_…

Read More
What is a Python equivalent of PHP's var_dump()?

When debugging in PHP, I frequently find it useful to simply stick a var_dump() in my code to show me what a variable is, what its value is, and the same for anything that it contains. What is a …

Read More
What is for Python what 'explode' is for PHP?

I had a string which is stored in a variable myvar = "Rajasekar SP". I want to split it with delimiter like we do using explode in PHP. What is the equivalent in Python?

Read More