Added blog post for Buffer-Overflows #80
Conversation
| * Read more about buffer overflows [Blog of Dhaval Kapil](https://dhavalkapil.com/blogs/Buffer-Overflow-Exploit/). | ||
| * Read about [ASLR](https://en.wikipedia.org/wiki/Address_space_layout_randomization) and [canaries](https://en.wikipedia.org/wiki/Stack_buffer_overflow#Stack_canaries), They are defense mechanisms to prevent Buffer Overflows. | ||
|
|
||
|
|
There was a problem hiding this comment.
Care to trim trailing whitespaces ? 😛
| @@ -0,0 +1,125 @@ | |||
| --- | |||
| layout: post | |||
| title: "Buffer Overflows from scratch" | |||
There was a problem hiding this comment.
Fix capitalization of "scratch".
There was a problem hiding this comment.
I will surely fix all those linguistic error 👍
I wanted to extend the article , but then it requires good enough use of GDB so I preferred not to.
If you say , I will extend the post to a point of redirecting the flow of control to a completely "uncalled" function, for now it just demonstrates compromising a value stored in some variable.
| --- | ||
| ### What is a Buffer and What are Buffer overflows ? | ||
|
|
||
| To keep it simple ; Buffer is a memory used temporarily to store output or input data |
There was a problem hiding this comment.
Let's follow a consistent punctuation scheme, like
this; is a word
instead of
this ; is a word
Also, I think it should be "a buffer is memory used temporarily"
This should be applied everywhere (for commas, full stops etc) all throughout the post.
|
|
||
| To keep it simple ; Buffer is a memory used temporarily to store output or input data | ||
| while it is transferred. | ||
| From naive perspective, Buffer is just an array of a particular data type. |
| Every function ( even main() ) has a Stack frame in the memory. | ||
| When some function is called it creates a new stack frame just below | ||
| the stack frame of the previous function. | ||
| Lets take an example by considering a simple source code in C : |
| Moreover there is a sequential allocation of memory to the variables onto the stack. | ||
| The variable which is declared earlier is at higher memory address and the one which | ||
| is declared after is at lower memory address | ||
| ### Lets get some hands-on |
There was a problem hiding this comment.
Let's
Also, the "some" can be eliminated :)
|
|
||
| ### A deeper look at the stack layout | ||
|
|
||
| Lets look at the stack layout once more: |
| * Return address : it has the address to which the current function has to return after it complete its execution . | ||
| * old EBP : It has the base pointer of the function which called the current function. | ||
| * Exception Handler : Dont worry about this for now :P | ||
| * Local Variable : It has the values of all local variables being stored onto th stack. |
|
Fixed errors as mentioned for post Buffer_Overflow |
ayush268
force-pushed
the
master
branch
2 times, most recently
from
b5ffe87 to
3c3a7a7
Compare
Working fine on Local host.No Bugs.