That was a very interesting post by jsmith; I'm going to have to play with that now.

I'd love to, too.. Sadly however, besides the theory, I don't know anything about that subject, the main problem being how to implement that.

I don't know how to make the program execute bash but I know how to cause a buffer overrun. Use the gets() function and a fixed-sized buffer. But I don't know how to make it execute the stack.

Edit 1: I found something that explains how to do it: http://www.securiteam.com/securityreviews/5OP0B006UQ.html
Edit 2: Make sure you compile with -fno-stack-protector if you're using gcc.

chwsks wrote:
I thought a stack overflow meant that I ran out of memory. I still don't understand how someone can overflow a buffer and gain control of a computer. Wikipedia articles are so little help--when you read a Wikipedia article looking for something you do not understand you realize professional editors are very important. read this: http://en.wikipedia.org/wiki/Stack_overflow

Stupid article. I had to fix it.

Why did you change

Older Revision wrote:
When a program attempts to use more space than is available on the call stack (that is, when it attempts to access memory beyond the call stack's bounds, which is essentially a [[buffer overflow]]

to

Current revision wrote:
when too much memory is used on the call stack

?
I though the former was correct.

Edit: never mind, I read the wrong bit.