I have been reading up on Buffer Overflows and NOP Sleds. I tried to use the exploit on an example target and I got stuck because I needed to inject a null byte in the return address for my BP so that my program does not crash. I have become aware of the fact that it is not possible to call a C program from the command line with a string that contains null bytes.
So, my question is how to perform a buffer overflow in case the target memory address contains null bytes? Also, this would make NOP sleds useless because the return address would contain null bytes as well, right?
Because I am completely new to C programming and exploitation in general, it might be that I overlooked something obvious, like zeroing out a part of memory after injection to construct a valid memory address, but a Google search did not yield any understandable results for me.
Lastly, is it always the case that a stored memory address in memory ends with a null byte? Based on my observations I assume this is necessarily the case, but there might be other options to interpret stored data as memory addresses without a null byte at the end.