Protostar/Stack 0

If you get stuck, you can watch the solution and explanation here:

We will write our first Buffer Overflow for the stack0 level of

This level introduces the concept that memory can be accessed outside of its allocated region, how the stack variables are laid out, and that modifying outside of the allocated memory can modify program execution.

This level is at /opt/protostar/bin/stack0


#include <stdlib.h>
#include <unistd.h>
#include <stdio.h>

int main(int argc, char **argv)
  volatile int modified;
  char buffer[64];

  modified = 0;

  if(modified != 0) {
      printf("you have changed the 'modified' variable\n");
  } else {
      printf("Try again?\n");

See also

This video introduces, how to connect to the VM with ssh and explains what setuid binaries are.

We have a look at stack level 0 from and compile it on a current Ubuntu, to see if it's still exploitable.

In part 2 we have a closer look at stack0 on a modern system. We are trying to plan an exploit that works in case we can guess the stack cookie. We have to be a bit creative here.

Bruteforcing stack canary, stack guard, stack cookie with a C program.

This is a mirror. Copyright and original can be found here: