Buffer Overflow 101: How to Make Programs Go Boom [ POC ]

  • Published on 20 Aug 2024
  • It's a POC of Buffer Overflow. In the upcoming videos, it'll be a game where we'll turn on the mitigations one by one & learn to bypass them.
    #exploitdevelopment #linuxkernel #computerscience #redteaming

Comments • 5

  • @shivanshmishra8395
    @shivanshmishra8395 months ago +1

    Great video !!!!

  • @alexaell3478
    @alexaell3478 months ago +1

    Great video! It helped me a lot!

  • @devanshkumarmishra4069
    @devanshkumarmishra4069 months ago +1

    good explanation

  • @elitegamersiddhu5684
    @elitegamersiddhu5684 months ago +2

    A short, simple, to-the-point video made for experience in programming and local system. Although the goal of the video could have been made clear at the start: what was the goal of reading over the stack, and why were there the read "A"s and "B"s on the stack after the file had been read? Why would the system keep that information on the stack?

    • @GlitchVor
      @GlitchVor months ago

      Hi, thank you for the advice, I'll implement it from the next video. As for your question, the reason we are reading over the stack is that we are using a vulnerable function to take control of the process for executing our shellcode. Now, the functions belong to the stack section, which is a finite & dynamic memory, but every part of it must have a definite size at the time of compilation. Now, every function gets its own stack frame, which is basically a sandbox, so to speak, to keep the function calls separate. These stack frames contain the return address to which the process must return to continue executing, in our case, the main function. If we overflow some data, the return address gets overwritten with our data, & that data, which is AAAA, is not a valid memory address; in fact, it's not even mapped anywhere in virtual memory, so when you do a buffer overflow & see it there, you know, hey! that's my data.
      As for your second question, a stack frame gets pushed or added onto the stack once & stays there until it gets popped or removed after the function call is completed; that's the reason our A & B stayed there.
      Hope this clears up your doubts.
      If you have suggestions for the videos, please post them in the comments.
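
The frame behaviour described in the reply above, as an added example that is not code from the video or its author: a simulated stack frame where an unchecked copy clobbers the saved return address, next to the bounded copy and the canary check a stack protector performs. The frame layout, the canary value and the return address are assumptions made up for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simulated stack frame as a flat byte array. The layout is an assumption for
   illustration; real layouts depend on the compiler and ABI. */
enum { BUF_OFF = 0, BUF_LEN = 16, CANARY_OFF = 16, RET_OFF = 24, FRAME_LEN = 32 };
static const uint64_t CANARY = 0x00c0ffee5afe7700ULL;      /* constructed value */
static const uint64_t RET_TO_MAIN = 0x0000000000401136ULL; /* constructed value */

static void frame_init(unsigned char *f) {
    memset(f, 0, FRAME_LEN);
    memcpy(f + CANARY_OFF, &CANARY, sizeof CANARY);
    memcpy(f + RET_OFF, &RET_TO_MAIN, sizeof RET_TO_MAIN);
}

/* Models an unchecked copy: the length comes from the input, not the buffer.
   Capped at FRAME_LEN only so the simulation itself stays memory-safe. */
static size_t copy_unchecked(unsigned char *f, const char *in, size_t n) {
    if (n > (size_t)FRAME_LEN) n = FRAME_LEN;
    memcpy(f + BUF_OFF, in, n);
    return n;
}

/* Hardened form: never write past the buffer's own size. */
static size_t copy_bounded(unsigned char *f, const char *in, size_t n) {
    if (n > (size_t)BUF_LEN) n = BUF_LEN;
    memcpy(f + BUF_OFF, in, n);
    return n;
}

static uint64_t read_u64(const unsigned char *f, size_t off) {
    uint64_t v; memcpy(&v, f + off, sizeof v); return v;
}
static uint64_t saved_ret(const unsigned char *f) { return read_u64(f, RET_OFF); }
/* What a stack protector verifies before the function returns. */
static int canary_intact(const unsigned char *f) { return read_u64(f, CANARY_OFF) == CANARY; }

int main(void) {
    const char input[] = "AAAAAAAAAAAAAAAAAAAAAAAABBBBBBBB"; /* constructed: 24 'A' + 8 'B' */
    unsigned char f[FRAME_LEN];
    frame_init(f); copy_unchecked(f, input, strlen(input));
    printf("unchecked: ret=0x%016llx canary_ok=%d\n", (unsigned long long)saved_ret(f), canary_intact(f));
    frame_init(f); copy_bounded(f, input, strlen(input));
    printf("bounded:   ret=0x%016llx canary_ok=%d\n", (unsigned long long)saved_ret(f), canary_intact(f));
    return 0;
}
```

With the unchecked copy the return slot reads back as the input's own bytes and the canary check fails, which is the signal a compiler's stack protector uses to abort the process before the corrupted address is used.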