Buffer Overflow Demonstration Lab
A controlled environment for demonstrating and understanding buffer overflow vulnerabilities in web applications. This project is designed for educational purposes as part of secure software development training.
Warning
This project intentionally contains vulnerable code for educational purposes. Do not deploy in a production environment.
Technologies
- Python 3.9
- Flask
- Docker & Docker Compose
- Threading for concurrent attack simulation
Project Structure
buffer-overflow-demo/
+-- docker-compose.yml
+-- exploit/
| +-- exploit.py
+-- web/
+-- Dockerfile
+-- app.py
+-- requirements.txt
+-- templates/
+-- index.html
Quick Start
Prerequisites
- Docker
- Docker Compose
- Python 3.x (for running exploit scripts)
- pip (Python package manager)
Installation & Running
- Clone the repository:
git clone https://github.com/0x4m4/buffer-overflow-lab.git
cd buffer-overflow-demo
cd buffer-overflow-demo
- Start the vulnerable web application:
docker-compose up --build
- Install Python dependencies for the exploit script:
pip install requests
- Run the exploit demonstration:
cd exploit
python exploit.py
python exploit.py
Features
- Controlled buffer overflow demonstration
- Web interface for manual testing
- Automated exploit script
- Resource-limited containerized environment
- Concurrent attack simulation
Testing Scenarios
- Normal input (within buffer size)
- Boundary case testing
- Slight overflow demonstration
- Medium overflow impact
- Aggressive crash testing
Security Notice
This application is intentionally vulnerable and should only be used in isolated, educational environments. The container includes security measures like:
- Resource limitations
- No privilege escalation
- Isolated network
Author
- 0x4m4
- Website: www.0x4m4.com
License
This project is licensed under the MIT License - see the LICENSE file for details.
Contributing
Contributions, issues, and feature requests are welcome! Feel free to check the issues page.