stack overflow – Page 5 – WindowsTechs.com

ret2libc – why need 4 bytes of garbage

Posted on December 5, 2019 by DaniDin

So I started to learn reverse engineering, and I came across the ret2libc exploit.

I tried to understand how it works and I got a bit confused.

They say that when you return to the address of system you then need to give 4 … Continue reading ret2libc – why need 4 bytes of garbage→

Does a buffer overflow vulnerability always mean a code execution vulnerability?

Posted on November 26, 2019 by Sree

Since buffer overflows always let an evil hacker write outside the buffer and overwrite the return pointer to a shellcode the evil hacker can place, does it mean that successful exploitation of a stack buffer overflow always … Continue reading Does a buffer overflow vulnerability always mean a code execution vulnerability?→

Why Does Only 1 Of These 2 Almost-identical Payloads Give Me A Shell?

Posted on November 11, 2019 by jinscoe123

I wrote a vulnerable test program to practice buffer overflows; however, I was having trouble getting it to work. Finally, after slightly modifying the return address, I was able to gain a shell, but I don’t understand why this small, seem… Continue reading Why Does Only 1 Of These 2 Almost-identical Payloads Give Me A Shell?→

S2 Ep 13: Weird Android zero day and other tech fails – Naked Security podcast

Posted on October 17, 2019 by Alice Duckett

Listen to the latest episode now! Continue reading S2 Ep 13: Weird Android zero day and other tech fails – Naked Security podcast→

What is the concepts of secure return address stack and secure cache?

Posted on October 16, 2019 by Showing Shadow

can anyone tell me that What is the concepts of secure return address stack and secure cache?

Continue reading What is the concepts of secure return address stack and secure cache?→

Copy-and-paste sharing on Stack Overflow spreads insecure code

Posted on October 9, 2019 by John E Dunn

It’s the time-saving technique employed by many coders – copy and paste code from crowd-sourcing ‘Q&A’ websites. But is it always secure? Continue reading Copy-and-paste sharing on Stack Overflow spreads insecure code→

ret2libc calling function arguments order

Posted on September 30, 2019 by user3782573

While I was studying ret2libc, I saw that tutorials use:

call_to_function + ret addr + arguments

For example I understand that if I want to execute system function from libc I can use the following scheme:

system_address… Continue reading ret2libc calling function arguments order→

How are stack canaries padded by unmapped pages?

Posted on August 18, 2019 by Trey

I was reading the wikipedia article on this subject and it states that when a program starts, the canary is calculated at random, stored in a local variable(which I presume was introduced by the compiler) and is padded by un… Continue reading How are stack canaries padded by unmapped pages?→

Stack’s HTML-editor restriction escape leads to injecting code in question body [on hold]

Posted on July 11, 2019 by Guest

[ I’ve disabled the image that normally was here, to fit the ethics of Information Security]

23:40pm #20112000

Continue reading Stack’s HTML-editor restriction escape leads to injecting code in question body [on hold]→

In Return-Oriented Programming how can the machine execute unaligned instructions?

Posted on May 27, 2019 by AOrona

I am reading “The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86)”.

The author claims that x86 code is like English written without punctuation or spaces, so that the words all ru… Continue reading In Return-Oriented Programming how can the machine execute unaligned instructions?→