Buffer overflows trying to get this right
HiYa, I've just started getting into buffer overflows. I've written what I believe to be correct; could someone have a quick read and see if I'm wrong about some of my concepts, or if they can be explained 'better' or more accurately.

Many Thanks, H

The basic premise

Code will often ask for data to be given to it from user defined input. This input is referred to as a variable. The programmer will have written the code to store data in an area of memory called a buffer. The code accepts input from the user, stores it in a buffer, then when it needs to use the variable stored in the buffer it reads the data and puts it into space reserved for it, and continues normal program flow. If the user input is too large for the buffer it then overwrites memory sections used to tell it where to go next. If we overwrite the area of memory that tells it where to go next with an address of our choosing and in that address we store our code, we can get the process to execute our code.

Terminology:

Buffer - An area of memory that holds multiple instances of the same data type.

Stack - This is where the program stores temporary information; examples of this are the RET (return) address from a function called by the program, or a variable.

ESP - Extended Stack Pointer. This points to the last address used by the stack (the top of the stack). With an Intel architecture the stack grows downwards.

EBP - Extended Base Pointer. This is usually used to calculate an address relevant to another address.

RET - Return Address. When a program calls a function the system saves the address of memory that the function was called from, so when the function ends it knows where it has to go back to afterwards.

EIP - Extended Instruction Pointer. This is the instruction that is currently being executed by the processor.
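Added example, not part of the original post: a small C model of the frame layout the post describes (buffer, then saved EBP, then RET), showing an unchecked copy changing RET and a length-checked copy rejecting the same input. The `struct frame` layout, `BUF_SIZE`, the function names and both sample addresses are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16
#define SAMPLE_RET 0x08048abcu  /* constructed sample return address */
#define SAMPLE_EBP 0xbffff6c8u  /* constructed sample saved EBP */

/* Model of one stack frame, lowest address first: the local buffer,
   then the saved EBP, then the RET address the function returns to. */
struct frame {
    char     buffer[BUF_SIZE];
    uint32_t saved_ebp;
    uint32_t ret;
};

/* Unchecked copy: trusts len. The write is clamped to the model frame so
   the demo stays well-defined C; on a real stack nothing clamps it. */
static void unchecked_copy(struct frame *f, const char *in, size_t len) {
    if (len > sizeof *f) len = sizeof *f;
    memcpy(f, in, len);   /* bytes past BUF_SIZE land on saved_ebp and ret */
}

/* Checked copy: rejects input that does not fit the buffer plus its NUL. */
static int checked_copy(struct frame *f, const char *in, size_t len) {
    if (len >= BUF_SIZE) return -1;
    memcpy(f->buffer, in, len);
    f->buffer[len] = '\0';
    return 0;
}

/* Fill a fresh frame, run one copy, and report the RET value afterwards. */
uint32_t ret_after_copy(int use_check, const char *in, size_t len, int *rc) {
    struct frame f = { {0}, SAMPLE_EBP, SAMPLE_RET };
    *rc = 0;
    if (use_check) *rc = checked_copy(&f, in, len);
    else unchecked_copy(&f, in, len);
    return f.ret;
}

int main(void) {
    int rc; char big[24];
    memset(big, 'A', sizeof big);   /* constructed oversized input */
    uint32_t r = ret_after_copy(0, big, sizeof big, &rc);
    printf("unchecked: ret=0x%08x\n", (unsigned)r);
    r = ret_after_copy(1, big, sizeof big, &rc);
    printf("checked:   ret=0x%08x rc=%d\n", (unsigned)r, rc);
    return 0;
}
```

An input of exactly `BUF_SIZE` bytes leaves RET intact under the unchecked copy but is still refused by the checked one, because no room remains for the terminating NUL.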