
I'm trying to understand buffer overflows


ghost
*include<string.h>

int main(int argc, char **argv){
	char buf[256];
	strcpy(buf, argv[1]);
}

This code is vulnerable to buffer overflow. I'm trying to learn about exploiting this kind of code, so, I know it's common to make it spawn a shell, but what would I input if I wanted to make the program print out "hello world"? Is it A*256 cout<<"hello world"?

I know I have to overwrite the memory and such, but I don't know the details. Can someone explain to me how and why it is possible to exploit the code above?
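
Why the posted code overflows, and a bounds-checked version of it, as an added example that is not part of the original thread: strcpy copies until it reaches the terminating NUL in argv[1] and never looks at the 256-byte size of buf, so a longer argument is written past the end of the array into adjacent stack memory. The helper name copy_checked and the BUF_SIZE macro are hypothetical, chosen for this illustration.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 256   /* same size as buf in the post (macro name is hypothetical) */

/* Hypothetical helper: copy src into dst only if it fits, terminator included.
 * Returns 0 on success, -1 if an argument is missing, -2 if src is too long. */
int copy_checked(char *dst, size_t dst_size, const char *src)
{
    size_t n = 0;

    if (dst == NULL || dst_size == 0 || src == NULL)
        return -1;

    /* Measure src, but never look further than the destination can hold. */
    while (n < dst_size && src[n] != '\0')
        n++;

    if (n == dst_size) {      /* no NUL within dst_size bytes: src does not fit */
        dst[0] = '\0';        /* leave dst as a valid empty string */
        return -2;
    }
    memcpy(dst, src, n + 1);  /* n + 1 <= dst_size, so this stays inside dst */
    return 0;
}

int main(int argc, char **argv)
{
    char buf[BUF_SIZE];

    /* The posted program also reads argv[1] when no argument was given. */
    if (argc < 2) {
        fprintf(stderr, "usage: %s <string>\n", argv[0]);
        return 1;
    }
    if (copy_checked(buf, sizeof buf, argv[1]) != 0) {
        fprintf(stderr, "input rejected: longer than %zu bytes\n", sizeof buf - 1);
        return 1;
    }
    printf("copied %zu bytes\n", strlen(buf));
    return 0;
}
```
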


SySTeM

dw0rek wrote: you also need a '#' in front of the include for it to work properly.

Yes, I'm gathering he knows this; HBH used to convert hashes into asterisks because of an exploit.


ghost

Okies, didn't know that.


ghost

Buffer and stack overflows are a tricky subject. If you want to get a deep understanding of these exploits, check out a book called "Hacking: The Art of Exploitation". Other than that I can't help you, since I'm very new to the subject as well. Can anyone tell me how to run these exploits against a server? I know you have to have the right permissions, but other than that I'm lost. :whoa: