Given extensive protections in modern operating systems that make buffer overflow exploits unfeasible, should I even bother studying these?

I’ve been diving into the world of buffer overflow vulnerabilities and their exploitation, which has been both challenging and fascinating. However, I’ve recently hit a mental roadblock and would love to get your insights.
With modern oper…

How should an unprotected environment be set up on modern Linux to test an old buffer overflow example?

Reading a technical paper on the issue, I wanted to test it on my computer.
The idea is to provoke privilege escalation (a change in the whoami output from peter to root) through a buffer overflow.
The example is quite old, so I guess actual …

Segmentation fault without rip even getting overwritten Buffer Overflow

I was trying to overflow the return pointer of a simple program. I have ASLR disabled and I compiled like this: gcc returnexp.c -o returnexp -fno-stack-protector.
(I would disable noexecstack later on when I could overwrite the pointer)
Bu…