After entering the buffer and the NOP sled, I went to check the output in GDB and realised there was a ton of C2 appearing in the NOP sled. Does anybody know how to counteract this?
This is a character encoding issue. At some point in what you’re doing, your NOP is being converted to UTF-8 from another encoding (probably ISO-8859-1). You can see how this works with:
echo -ne "\x90" > nop-test
xxd nop-test
iconv -f iso-8859-1 -t UTF-8 nop-test -o nop-utf8
xxd nop-utf8
How to fix this depends on how you’re doing the overflow. In a python script, using
"\x90" * sledSize
should work just fine.
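To make the encoding point concrete, here is a small added Python 3 example (not part of the original answer) that shows why a str-based sled picks up the C2 bytes and why a bytes-based sled does not. The function names and the check for the 0xC2 0x90 pairs are my own additions; the only assumption is that the raw bytes are written through sys.stdout.buffer rather than the text layer.

```python
import sys

NOP = 0x90  # the single-byte x86 NOP discussed in the thread


def nop_sled(size: int) -> bytes:
    """Build a sled of `size` raw 0x90 bytes. A bytes object never passes
    through a text codec, so nothing can rewrite it on the way out."""
    return bytes([NOP]) * size


def encoding_expansion(text: str, codec: str) -> bytes:
    """Encode a str under `codec` so the difference between codecs is visible:
    "\\x90" is the code point U+0090, which UTF-8 spells as two bytes (C2 90)
    while ISO-8859-1 (latin-1) spells it as the single byte 90."""
    return text.encode(codec)


def count_utf8_artifacts(data: bytes) -> int:
    """Count the C2 90 pairs that a UTF-8 re-encoding of U+0090 leaves behind.
    A clean sled should report zero."""
    return data.count(b"\xc2\x90")


def write_raw(data: bytes) -> int:
    """Write bytes to the binary layer of stdout, bypassing sys.stdout's
    text codec entirely. Returns the number of bytes written."""
    return sys.stdout.buffer.write(data)


if __name__ == "__main__":
    # Diagnostics go to stderr so stdout stays pure sled bytes.
    sample = "\x90" * 4
    print("utf-8  :", encoding_expansion(sample, "utf-8").hex(), file=sys.stderr)   # c290c290c290c290
    print("latin-1:", encoding_expansion(sample, "latin-1").hex(), file=sys.stderr) # 90909090
    size = int(sys.argv[1]) if len(sys.argv) > 1 else 200
    write_raw(nop_sled(size))
```

Run it as python3 sled.py 200 | xxd and every byte shows as 90; if you ever see c2 90 pairs in the dump, something between the script and the target (a terminal, a locale setting, or a str-based write) re-encoded the output as UTF-8.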
Yeah, I figured it was something to do with UTF-8 encoding. I ran Python in GDB (checked that GDB is using Python 3) and was getting the error using both of these,
"\x90 * 200"
b"\x90 * 200"
passed with the -c option.
I then figured to use the following, which worked:
import sys; sys.stdout.buffer.write(b'\x90' * 200)