I am trying to compile this using the terminal on Ubuntu 12.04 (Precise Pangolin):
#include <stdio.h>
#include <stdlib.h>
main()
{
/* Declare argument array */
char *args[2];
args[0] = “/bin/bash”;
args[1] = NULL;
execve(args[0], args, NULL);
exit(0);
}
I found this example on Buffer Overflow Primer Part 4 (Disassembling Execve) which also happened to be the one Aleph One used in 'Smashing the Stack for Fun and Profit'. I am aware that much has changed since then. In more simple examples I have used:
gcc -ggdb -mpreferred-stack-boundary=2 -fno-stack-protector filename filename.c
Other times I may include the static utility. It has worked up until I have tried to compile the C code above. The message I receive from the terminal is:
gcc -static -mpreferred-stack-boundary=2 -fno-stack-protector -o shell shell.c
Output:
shell.c: In function ‘main’:
shell.c:9:2: error: stray ‘\342’ in program
shell.c:9:2: error: stray ‘\200’ in program
shell.c:9:2: error: stray ‘\234’ in program
shell.c:9:15: error: expected expression before ‘/’ token
shell.c:9:15: error: stray ‘\342’ in program
shell.c:9:15: error: stray ‘\200’ in program
shell.c:9:15: error: stray ‘\235’ in program
I understand that this is a very simple example and that this error is probably caused by current standard security measures in Linux, but I would like to get around them to practise with this example and more in the future. How can I fix this problem?
You have "smart" quotes around your string literal,
“/bin/bash”;
Try using ordinary quotes ".