Based on Figure $5$ illustrates the steps that the adversaries can take to exploit

vulnerabilities in the code below $($shown in Figure $4)$ in order to execute the other code

they want and, therefore, hijack program execution.

int func$($char ${?}^{**}$ str$)$

$\{$

char buffer$[200]$;

strcpy$($buffer$,$ str$)$;

return $1$;

$\}$

int main$($int argc, char $**$argv$)$

$\{$

char str $[60]$;

FILE $*$malicious;

malicious $=$ fopen$("$malicious$","$r$")$;

fread$($str$,$ sizeof$($char$),400,$ malicious$)$;

func$($str$)$;

printf$("$Returned Successfully

$")$;

return $1$ ;

$\}$

Figure $4$: The vulnerable program.

Attacker's file

Stack

Stack

after buffer copy

before buffer copy

Figure $5$: Hijack the program execution.