SlideShare a Scribd company logo

Exploiting stack overflow 101

ā€¢
ā€¢
n|u - The Open Security Community
n|u - The Open Security Community

This document provides an overview of exploiting a stack overflow vulnerability in EasyRmtoMp3 player software. It discusses the stack and function calls in assembly, and how a buffer overflow can be used to overwrite the return address and redirect program execution to injected shellcode. The agenda includes setting up the environment in Immunity Debugger and Metasploit, explaining the theory behind stack overflows, visualizing how it works, and demonstrating an exploit against the vulnerable software.

TechnologyNews & Politics
1 of 12
Exploiting Stack Overflow 101 By Sebas Sujeen (_masteR)
#whoami ,[object Object],[object Object],[object Object],[object Object],[object Object]
Agenda ,[object Object],[object Object],[object Object]
Setting up the Environment ,[object Object],[object Object],[object Object]
The theory... Before the fun part ,[object Object],[object Object],[object Object]
The theory... Before the fun part ,[object Object],[object Object],[object Object],[object Object]
The theory... Before the fun part ,[object Object],[object Object],[object Object]
Visualize the stack Breno de Medeiros Florida State University Fall 2005 ,[object Object],<previous stack frame> function arguments return address previous frame pointer local variables local buffer variables Direction of stack growth
Time to visualize the exploit ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
References ,[object Object],[object Object],[object Object]
Exploit Demo
Questions!!!

Recommended

fg.workshop: Software vulnerability
fg.workshop: Software vulnerabilityfg.workshop: Software vulnerability
fg.workshop: Software vulnerabilityfg.informatik UniversitƤt Basel
Ā 
Buffer Overflow Demo by Saurabh Sharma
Buffer Overflow Demo by Saurabh SharmaBuffer Overflow Demo by Saurabh Sharma
Buffer Overflow Demo by Saurabh Sharman|u - The Open Security Community
Ā 
Gift-VT Tools Development Overview
Gift-VT Tools Development OverviewGift-VT Tools Development Overview
Gift-VT Tools Development Overviewstn_tkiller
Ā 
SymfonyCon 2017 php7 performances
SymfonyCon 2017 php7 performancesSymfonyCon 2017 php7 performances
SymfonyCon 2017 php7 performancesjulien pauli
Ā 
Symfony live 2017_php7_performances
Symfony live 2017_php7_performancesSymfony live 2017_php7_performances
Symfony live 2017_php7_performancesjulien pauli
Ā 
Presentation buffer overflow attacks and theircountermeasures
Presentation buffer overflow attacks and theircountermeasuresPresentation buffer overflow attacks and theircountermeasures
Presentation buffer overflow attacks and theircountermeasurestharindunew
Ā 
Buffer overflow null
Buffer overflow nullBuffer overflow null
Buffer overflow nullnullowaspmumbai
Ā 
Course lecture - An introduction to the Return Oriented Programming
Course lecture - An introduction to the Return Oriented ProgrammingCourse lecture - An introduction to the Return Oriented Programming
Course lecture - An introduction to the Return Oriented ProgrammingJonathan Salwan
Ā 

Recommended

fg.workshop: Software vulnerability
fg.workshop: Software vulnerabilityfg.workshop: Software vulnerability
fg.workshop: Software vulnerabilityfg.informatik UniversitƤt Basel
Ā 
Buffer Overflow Demo by Saurabh Sharma
Buffer Overflow Demo by Saurabh SharmaBuffer Overflow Demo by Saurabh Sharma
Buffer Overflow Demo by Saurabh Sharman|u - The Open Security Community
Ā 
Gift-VT Tools Development Overview
Gift-VT Tools Development OverviewGift-VT Tools Development Overview
Gift-VT Tools Development Overviewstn_tkiller
Ā 
SymfonyCon 2017 php7 performances
SymfonyCon 2017 php7 performancesSymfonyCon 2017 php7 performances
SymfonyCon 2017 php7 performancesjulien pauli
Ā 
Symfony live 2017_php7_performances
Symfony live 2017_php7_performancesSymfony live 2017_php7_performances
Symfony live 2017_php7_performancesjulien pauli
Ā 
Presentation buffer overflow attacks and theircountermeasures
Presentation buffer overflow attacks and theircountermeasuresPresentation buffer overflow attacks and theircountermeasures
Presentation buffer overflow attacks and theircountermeasurestharindunew
Ā 
Buffer overflow null
Buffer overflow nullBuffer overflow null
Buffer overflow nullnullowaspmumbai
Ā 
Course lecture - An introduction to the Return Oriented Programming
Course lecture - An introduction to the Return Oriented ProgrammingCourse lecture - An introduction to the Return Oriented Programming
Course lecture - An introduction to the Return Oriented ProgrammingJonathan Salwan
Ā 
Python Programming Essentials - M25 - os and sys modules
Python Programming Essentials - M25 - os and sys modulesPython Programming Essentials - M25 - os and sys modules
Python Programming Essentials - M25 - os and sys modulesP3 InfoTech Solutions Pvt. Ltd.
Ā 
PHP 7 performances from PHP 5
PHP 7 performances from PHP 5PHP 7 performances from PHP 5
PHP 7 performances from PHP 5julien pauli
Ā 
Operating Systems - A Primer
Operating Systems - A PrimerOperating Systems - A Primer
Operating Systems - A PrimerSaumil Shah
Ā 
Python Programming Essentials - M31 - PEP 8
Python Programming Essentials - M31 - PEP 8Python Programming Essentials - M31 - PEP 8
Python Programming Essentials - M31 - PEP 8P3 InfoTech Solutions Pvt. Ltd.
Ā 
Operating System Assignment Help
Operating System Assignment HelpOperating System Assignment Help
Operating System Assignment HelpProgramming Homework Help
Ā 
Operating System Engineering Quiz
Operating System Engineering QuizOperating System Engineering Quiz
Operating System Engineering QuizProgramming Homework Help
Ā 
Computer Science Assignment Help
Computer Science Assignment HelpComputer Science Assignment Help
Computer Science Assignment HelpProgramming Homework Help
Ā 
Programming Assignment Help
Programming Assignment HelpProgramming Assignment Help
Programming Assignment HelpProgramming Homework Help
Ā 
Computer Science Homework Help
Computer Science Homework HelpComputer Science Homework Help
Computer Science Homework HelpProgramming Homework Help
Ā 
Python Programming Essentials - M37 - Brief Overview of Misc Concepts
Python Programming Essentials - M37 - Brief Overview of Misc ConceptsPython Programming Essentials - M37 - Brief Overview of Misc Concepts
Python Programming Essentials - M37 - Brief Overview of Misc ConceptsP3 InfoTech Solutions Pvt. Ltd.
Ā 
smash the stack , Menna Essa
smash the stack , Menna Essasmash the stack , Menna Essa
smash the stack , Menna EssaCATReloaded
Ā 
Basics of ANT
Basics of ANTBasics of ANT
Basics of ANTPuneet Sharma - Steepgraph Systems
Ā 
PHP 7 new engine
PHP 7 new enginePHP 7 new engine
PHP 7 new enginejulien pauli
Ā 
CompilersAndLibraries
CompilersAndLibrariesCompilersAndLibraries
CompilersAndLibrariesStaffan Tjernstrƶm
Ā 
Dive into ROP - a quick introduction to Return Oriented Programming
Dive into ROP - a quick introduction to Return Oriented ProgrammingDive into ROP - a quick introduction to Return Oriented Programming
Dive into ROP - a quick introduction to Return Oriented ProgrammingSaumil Shah
Ā 
PyCon Taiwan 2013 Tutorial
PyCon Taiwan 2013 TutorialPyCon Taiwan 2013 Tutorial
PyCon Taiwan 2013 TutorialJustin Lin
Ā 
cs3157-summer06-lab1
cs3157-summer06-lab1cs3157-summer06-lab1
cs3157-summer06-lab1tutorialsruby
Ā 
Cell processor lab
Cell processor labCell processor lab
Cell processor labcoolmirza143
Ā 
How Functions Work
How Functions WorkHow Functions Work
How Functions WorkSaumil Shah
Ā 
OTP application (with gen server child) - simple example
OTP application (with gen server child) - simple exampleOTP application (with gen server child) - simple example
OTP application (with gen server child) - simple exampleYangJerng Hwa
Ā 
Mango Tree Residences
Mango Tree ResidencesMango Tree Residences
Mango Tree ResidencesSandrex Mano
Ā 
The Rochester
The RochesterThe Rochester
The RochesterSandrex Mano
Ā 

More Related Content

What's hot

Python Programming Essentials - M25 - os and sys modules
Python Programming Essentials - M25 - os and sys modulesPython Programming Essentials - M25 - os and sys modules
Python Programming Essentials - M25 - os and sys modulesP3 InfoTech Solutions Pvt. Ltd.
Ā 
PHP 7 performances from PHP 5
PHP 7 performances from PHP 5PHP 7 performances from PHP 5
PHP 7 performances from PHP 5julien pauli
Ā 
Operating Systems - A Primer
Operating Systems - A PrimerOperating Systems - A Primer
Operating Systems - A PrimerSaumil Shah
Ā 
Python Programming Essentials - M37 - Brief Overview of Misc Concepts
Python Programming Essentials - M37 - Brief Overview of Misc ConceptsPython Programming Essentials - M37 - Brief Overview of Misc Concepts
Python Programming Essentials - M37 - Brief Overview of Misc ConceptsP3 InfoTech Solutions Pvt. Ltd.
Ā 
smash the stack , Menna Essa
smash the stack , Menna Essasmash the stack , Menna Essa
smash the stack , Menna EssaCATReloaded
Ā 
PHP 7 new engine
PHP 7 new enginePHP 7 new engine
PHP 7 new enginejulien pauli
Ā 
Dive into ROP - a quick introduction to Return Oriented Programming
Dive into ROP - a quick introduction to Return Oriented ProgrammingDive into ROP - a quick introduction to Return Oriented Programming
Dive into ROP - a quick introduction to Return Oriented ProgrammingSaumil Shah
Ā 
PyCon Taiwan 2013 Tutorial
PyCon Taiwan 2013 TutorialPyCon Taiwan 2013 Tutorial
PyCon Taiwan 2013 TutorialJustin Lin
Ā 
cs3157-summer06-lab1
cs3157-summer06-lab1cs3157-summer06-lab1
cs3157-summer06-lab1tutorialsruby
Ā 
Cell processor lab
Cell processor labCell processor lab
Cell processor labcoolmirza143
Ā 
How Functions Work
How Functions WorkHow Functions Work
How Functions WorkSaumil Shah
Ā 
OTP application (with gen server child) - simple example
OTP application (with gen server child) - simple exampleOTP application (with gen server child) - simple example
OTP application (with gen server child) - simple exampleYangJerng Hwa
Ā 

What's hot (20)

Python Programming Essentials - M25 - os and sys modules
Python Programming Essentials - M25 - os and sys modulesPython Programming Essentials - M25 - os and sys modules
Python Programming Essentials - M25 - os and sys modules
Ā 
PHP 7 performances from PHP 5
PHP 7 performances from PHP 5PHP 7 performances from PHP 5
PHP 7 performances from PHP 5
Ā 
Operating Systems - A Primer
Operating Systems - A PrimerOperating Systems - A Primer
Operating Systems - A Primer
Ā 
Python Programming Essentials - M31 - PEP 8
Python Programming Essentials - M31 - PEP 8Python Programming Essentials - M31 - PEP 8
Python Programming Essentials - M31 - PEP 8
Ā 
Operating System Assignment Help
Operating System Assignment HelpOperating System Assignment Help
Operating System Assignment Help
Ā 
Operating System Engineering Quiz
Operating System Engineering QuizOperating System Engineering Quiz
Operating System Engineering Quiz
Ā 
Computer Science Assignment Help
Computer Science Assignment HelpComputer Science Assignment Help
Computer Science Assignment Help
Ā 
Programming Assignment Help
Programming Assignment HelpProgramming Assignment Help
Programming Assignment Help
Ā 
Computer Science Homework Help
Computer Science Homework HelpComputer Science Homework Help
Computer Science Homework Help
Ā 
Python Programming Essentials - M37 - Brief Overview of Misc Concepts
Python Programming Essentials - M37 - Brief Overview of Misc ConceptsPython Programming Essentials - M37 - Brief Overview of Misc Concepts
Python Programming Essentials - M37 - Brief Overview of Misc Concepts
Ā 
smash the stack , Menna Essa
smash the stack , Menna Essasmash the stack , Menna Essa
smash the stack , Menna Essa
Ā 
Basics of ANT
Basics of ANTBasics of ANT
Basics of ANT
Ā 
PHP 7 new engine
PHP 7 new enginePHP 7 new engine
PHP 7 new engine
Ā 
CompilersAndLibraries
CompilersAndLibrariesCompilersAndLibraries
CompilersAndLibraries
Ā 
Dive into ROP - a quick introduction to Return Oriented Programming
Dive into ROP - a quick introduction to Return Oriented ProgrammingDive into ROP - a quick introduction to Return Oriented Programming
Dive into ROP - a quick introduction to Return Oriented Programming
Ā 
PyCon Taiwan 2013 Tutorial
PyCon Taiwan 2013 TutorialPyCon Taiwan 2013 Tutorial
PyCon Taiwan 2013 Tutorial
Ā 
cs3157-summer06-lab1
cs3157-summer06-lab1cs3157-summer06-lab1
cs3157-summer06-lab1
Ā 
Cell processor lab
Cell processor labCell processor lab
Cell processor lab
Ā 
How Functions Work
How Functions WorkHow Functions Work
How Functions Work
Ā 
OTP application (with gen server child) - simple example
OTP application (with gen server child) - simple exampleOTP application (with gen server child) - simple example
OTP application (with gen server child) - simple example
Ā 

Viewers also liked

Mango Tree Residences
Mango Tree ResidencesMango Tree Residences
Mango Tree ResidencesSandrex Mano
Ā 
The Rochester
The RochesterThe Rochester
The RochesterSandrex Mano
Ā 
Datos matriculaciones elƩctricos e hƭbridos mayo de 2013
Datos matriculaciones elƩctricos e hƭbridos mayo de 2013Datos matriculaciones elƩctricos e hƭbridos mayo de 2013
Datos matriculaciones elƩctricos e hƭbridos mayo de 2013ANIACAM_PRENSA
Ā 
Mule security jaas
Mule security jaasMule security jaas
Mule security jaasPhaniu
Ā 
MI EXPERIENCE CERTIFICATE
MI EXPERIENCE CERTIFICATEMI EXPERIENCE CERTIFICATE
MI EXPERIENCE CERTIFICATEUtpal Ganguly
Ā 
Media question one
Media question oneMedia question one
Media question oneArchieC
Ā 
FLYING HIGH BY STUART MANSELL ACCOUNTANCY AGE MAGAZINE (AA)
FLYING HIGH BY STUART MANSELL ACCOUNTANCY AGE MAGAZINE (AA)FLYING HIGH BY STUART MANSELL ACCOUNTANCY AGE MAGAZINE (AA)
FLYING HIGH BY STUART MANSELL ACCOUNTANCY AGE MAGAZINE (AA)Ian Herman
Ā 
怐配åøƒē”Ø怑ē ”ē©¶ä¼šć‚½ć‚·ć‚Ŗč³‡ę–™ 20141031
怐配åøƒē”Ø怑ē ”ē©¶ä¼šć‚½ć‚·ć‚Ŗč³‡ę–™ 20141031怐配åøƒē”Ø怑ē ”ē©¶ä¼šć‚½ć‚·ć‚Ŗč³‡ę–™ 20141031
怐配åøƒē”Ø怑ē ”ē©¶ä¼šć‚½ć‚·ć‚Ŗč³‡ę–™ 20141031human-edu
Ā 
Mathematical logic
Mathematical logicMathematical logic
Mathematical logicble nature
Ā 
ćƒ‘ćƒćƒ«ćƒ‡ć‚£ć‚¹ć‚«ćƒƒć‚·ćƒ§ćƒ³
ćƒ‘ćƒćƒ«ćƒ‡ć‚£ć‚¹ć‚«ćƒƒć‚·ćƒ§ćƒ³ćƒ‘ćƒćƒ«ćƒ‡ć‚£ć‚¹ć‚«ćƒƒć‚·ćƒ§ćƒ³
ćƒ‘ćƒćƒ«ćƒ‡ć‚£ć‚¹ć‚«ćƒƒć‚·ćƒ§ćƒ³NetAgent Co.,Ltd.
Ā 
Fast Fish Forum 16 November 2016
Fast Fish Forum 16 November 2016Fast Fish Forum 16 November 2016
Fast Fish Forum 16 November 2016BSGAfrica
Ā 
ę¾å€‰ćƒ•ć‚šćƒ¬ć‚»ć‚™ćƒ³č³‡ę–™ļ¼ˆå…Ø国大会ļ¼‰.Pptx
ę¾å€‰ćƒ•ć‚šćƒ¬ć‚»ć‚™ćƒ³č³‡ę–™ļ¼ˆå…Ø国大会ļ¼‰.Pptxę¾å€‰ćƒ•ć‚šćƒ¬ć‚»ć‚™ćƒ³č³‡ę–™ļ¼ˆå…Ø国大会ļ¼‰.Pptx
ę¾å€‰ćƒ•ć‚šćƒ¬ć‚»ć‚™ćƒ³č³‡ę–™ļ¼ˆå…Ø国大会ļ¼‰.Pptxhuman-edu
Ā 
Stack Overflow恧꜀悂ꊕē„Øę•°ć®å¤šć‹ć£ćŸiOSé–¢é€£ć®Questionćƒ™ć‚¹ćƒˆ10ļ¼ˆ2015幓ē‰ˆļ¼‰
Stack Overflow恧꜀悂ꊕē„Øę•°ć®å¤šć‹ć£ćŸiOSé–¢é€£ć®Questionćƒ™ć‚¹ćƒˆ10ļ¼ˆ2015幓ē‰ˆļ¼‰Stack Overflow恧꜀悂ꊕē„Øę•°ć®å¤šć‹ć£ćŸiOSé–¢é€£ć®Questionćƒ™ć‚¹ćƒˆ10ļ¼ˆ2015幓ē‰ˆļ¼‰
Stack Overflow恧꜀悂ꊕē„Øę•°ć®å¤šć‹ć£ćŸiOSé–¢é€£ć®Questionćƒ™ć‚¹ćƒˆ10ļ¼ˆ2015幓ē‰ˆļ¼‰Kosuke Ogawa
Ā 
Mule oracle connectors
Mule oracle connectorsMule oracle connectors
Mule oracle connectorsprinceirfancivil
Ā 
Reston Network Analysis Community Meeting 2050 Results and Funding Plan: Nov....
Reston Network Analysis Community Meeting 2050 Results and Funding Plan: Nov....Reston Network Analysis Community Meeting 2050 Results and Funding Plan: Nov....
Reston Network Analysis Community Meeting 2050 Results and Funding Plan: Nov....Fairfax County
Ā 
Reston Transportation Funding Plan: July 15, 2016
Reston Transportation Funding Plan: July 15, 2016Reston Transportation Funding Plan: July 15, 2016
Reston Transportation Funding Plan: July 15, 2016Fairfax County
Ā 
Fairfax Countywide Transit Network Study: Proposed High Quality Transit Network
Fairfax Countywide Transit Network Study: Proposed High Quality Transit NetworkFairfax Countywide Transit Network Study: Proposed High Quality Transit Network
Fairfax Countywide Transit Network Study: Proposed High Quality Transit NetworkFairfax County
Ā 

Viewers also liked (19)

Mango Tree Residences
Mango Tree ResidencesMango Tree Residences
Mango Tree Residences
Ā 
The Rochester
The RochesterThe Rochester
The Rochester
Ā 
Datos matriculaciones elƩctricos e hƭbridos mayo de 2013
Datos matriculaciones elƩctricos e hƭbridos mayo de 2013Datos matriculaciones elƩctricos e hƭbridos mayo de 2013
Datos matriculaciones elƩctricos e hƭbridos mayo de 2013
Ā 
Mule security jaas
Mule security jaasMule security jaas
Mule security jaas
Ā 
MI EXPERIENCE CERTIFICATE
MI EXPERIENCE CERTIFICATEMI EXPERIENCE CERTIFICATE
MI EXPERIENCE CERTIFICATE
Ā 
Media question one
Media question oneMedia question one
Media question one
Ā 
FLYING HIGH BY STUART MANSELL ACCOUNTANCY AGE MAGAZINE (AA)
FLYING HIGH BY STUART MANSELL ACCOUNTANCY AGE MAGAZINE (AA)FLYING HIGH BY STUART MANSELL ACCOUNTANCY AGE MAGAZINE (AA)
FLYING HIGH BY STUART MANSELL ACCOUNTANCY AGE MAGAZINE (AA)
Ā 
怐配åøƒē”Ø怑ē ”ē©¶ä¼šć‚½ć‚·ć‚Ŗč³‡ę–™ 20141031
怐配åøƒē”Ø怑ē ”ē©¶ä¼šć‚½ć‚·ć‚Ŗč³‡ę–™ 20141031怐配åøƒē”Ø怑ē ”ē©¶ä¼šć‚½ć‚·ć‚Ŗč³‡ę–™ 20141031
怐配åøƒē”Ø怑ē ”ē©¶ä¼šć‚½ć‚·ć‚Ŗč³‡ę–™ 20141031
Ā 
Mathematical logic
Mathematical logicMathematical logic
Mathematical logic
Ā 
ćƒ‘ćƒćƒ«ćƒ‡ć‚£ć‚¹ć‚«ćƒƒć‚·ćƒ§ćƒ³
ćƒ‘ćƒćƒ«ćƒ‡ć‚£ć‚¹ć‚«ćƒƒć‚·ćƒ§ćƒ³ćƒ‘ćƒćƒ«ćƒ‡ć‚£ć‚¹ć‚«ćƒƒć‚·ćƒ§ćƒ³
ćƒ‘ćƒćƒ«ćƒ‡ć‚£ć‚¹ć‚«ćƒƒć‚·ćƒ§ćƒ³
Ā 
Fast Fish Forum 16 November 2016
Fast Fish Forum 16 November 2016Fast Fish Forum 16 November 2016
Fast Fish Forum 16 November 2016
Ā 
ę¾å€‰ćƒ•ć‚šćƒ¬ć‚»ć‚™ćƒ³č³‡ę–™ļ¼ˆå…Ø国大会ļ¼‰.Pptx
ę¾å€‰ćƒ•ć‚šćƒ¬ć‚»ć‚™ćƒ³č³‡ę–™ļ¼ˆå…Ø国大会ļ¼‰.Pptxę¾å€‰ćƒ•ć‚šćƒ¬ć‚»ć‚™ćƒ³č³‡ę–™ļ¼ˆå…Ø国大会ļ¼‰.Pptx
ę¾å€‰ćƒ•ć‚šćƒ¬ć‚»ć‚™ćƒ³č³‡ę–™ļ¼ˆå…Ø国大会ļ¼‰.Pptx
Ā 
Report on Options for Division Webinars - Final (Version 7) - APA - DC - EC (11)
Report on Options for Division Webinars - Final (Version 7) - APA - DC - EC (11)Report on Options for Division Webinars - Final (Version 7) - APA - DC - EC (11)
Report on Options for Division Webinars - Final (Version 7) - APA - DC - EC (11)
Ā 
Stack Overflow恧꜀悂ꊕē„Øę•°ć®å¤šć‹ć£ćŸiOSé–¢é€£ć®Questionćƒ™ć‚¹ćƒˆ10ļ¼ˆ2015幓ē‰ˆļ¼‰
Stack Overflow恧꜀悂ꊕē„Øę•°ć®å¤šć‹ć£ćŸiOSé–¢é€£ć®Questionćƒ™ć‚¹ćƒˆ10ļ¼ˆ2015幓ē‰ˆļ¼‰Stack Overflow恧꜀悂ꊕē„Øę•°ć®å¤šć‹ć£ćŸiOSé–¢é€£ć®Questionćƒ™ć‚¹ćƒˆ10ļ¼ˆ2015幓ē‰ˆļ¼‰
Stack Overflow恧꜀悂ꊕē„Øę•°ć®å¤šć‹ć£ćŸiOSé–¢é€£ć®Questionćƒ™ć‚¹ćƒˆ10ļ¼ˆ2015幓ē‰ˆļ¼‰
Ā 
Clustering of Mule ESB
Clustering of Mule ESBClustering of Mule ESB
Clustering of Mule ESB
Ā 
Mule oracle connectors
Mule oracle connectorsMule oracle connectors
Mule oracle connectors
Ā 
Reston Network Analysis Community Meeting 2050 Results and Funding Plan: Nov....
Reston Network Analysis Community Meeting 2050 Results and Funding Plan: Nov....Reston Network Analysis Community Meeting 2050 Results and Funding Plan: Nov....
Reston Network Analysis Community Meeting 2050 Results and Funding Plan: Nov....
Ā 
Reston Transportation Funding Plan: July 15, 2016
Reston Transportation Funding Plan: July 15, 2016Reston Transportation Funding Plan: July 15, 2016
Reston Transportation Funding Plan: July 15, 2016
Ā 
Fairfax Countywide Transit Network Study: Proposed High Quality Transit Network
Fairfax Countywide Transit Network Study: Proposed High Quality Transit NetworkFairfax Countywide Transit Network Study: Proposed High Quality Transit Network
Fairfax Countywide Transit Network Study: Proposed High Quality Transit Network
Ā 

Similar to Exploiting stack overflow 101

Smash the Stack: Writing a Buffer Overflow Exploit (Win32)
Smash the Stack: Writing a Buffer Overflow Exploit (Win32)Smash the Stack: Writing a Buffer Overflow Exploit (Win32)
Smash the Stack: Writing a Buffer Overflow Exploit (Win32)Elvin Gentiles
Ā 
Low Level Exploits
Low Level ExploitsLow Level Exploits
Low Level Exploitshughpearse
Ā 
05 - Bypassing DEP, or why ASLR matters
05 - Bypassing DEP, or why ASLR matters05 - Bypassing DEP, or why ASLR matters
05 - Bypassing DEP, or why ASLR mattersAlexandre Moneger
Ā 
Exploit Development with Python
Exploit Development with PythonExploit Development with Python
Exploit Development with PythonThomas Gregory
Ā 
Exploit Development: EzServer Buffer Overflow oleh Tom Gregory
Exploit Development: EzServer Buffer Overflow oleh Tom GregoryExploit Development: EzServer Buffer Overflow oleh Tom Gregory
Exploit Development: EzServer Buffer Overflow oleh Tom Gregoryzakiakhmad
Ā 
08 - Return Oriented Programming, the chosen one
08 - Return Oriented Programming, the chosen one08 - Return Oriented Programming, the chosen one
08 - Return Oriented Programming, the chosen oneAlexandre Moneger
Ā 
Bypassing DEP using ROP
Bypassing DEP using ROPBypassing DEP using ROP
Bypassing DEP using ROPJapneet Singh
Ā 
Cloud forensics putting the bits back together
Cloud forensics putting the bits back togetherCloud forensics putting the bits back together
Cloud forensics putting the bits back togetherShakacon
Ā 
Windows Kernel Exploitation : This Time Font hunt you down in 4 bytes
Windows Kernel Exploitation : This Time Font hunt you down in 4 bytesWindows Kernel Exploitation : This Time Font hunt you down in 4 bytes
Windows Kernel Exploitation : This Time Font hunt you down in 4 bytesPeter Hlavaty
Ā 
Exploit techniques - a quick review
Exploit techniques - a quick reviewExploit techniques - a quick review
Exploit techniques - a quick reviewCe.Se.N.A. Security
Ā 
Dive into exploit development
Dive into exploit developmentDive into exploit development
Dive into exploit developmentPayampardaz
Ā 
A Life of breakpoint
A Life of breakpointA Life of breakpoint
A Life of breakpointHajime Morrita
Ā 
Sour Pickles
Sour PicklesSour Pickles
Sour PicklesSensePost
Ā 
Reversing malware analysis training part4 assembly programming basics
Reversing malware analysis training part4 assembly programming basicsReversing malware analysis training part4 assembly programming basics
Reversing malware analysis training part4 assembly programming basicsCysinfo Cyber Security Community
Ā 
SEH overwrite and its exploitability
SEH overwrite and its exploitabilitySEH overwrite and its exploitability
SEH overwrite and its exploitabilityFFRI, Inc.
Ā 
NSC #2 - D3 02 - Peter Hlavaty - Attack on the Core
NSC #2 - D3 02 - Peter Hlavaty - Attack on the CoreNSC #2 - D3 02 - Peter Hlavaty - Attack on the Core
NSC #2 - D3 02 - Peter Hlavaty - Attack on the CoreNoSuchCon
Ā 
Return Oriented Programming (ROP) Based Exploits - Part I
Return Oriented Programming (ROP) Based Exploits - Part IReturn Oriented Programming (ROP) Based Exploits - Part I
Return Oriented Programming (ROP) Based Exploits - Part In|u - The Open Security Community
Ā 
Buffer Overflows
Buffer OverflowsBuffer Overflows
Buffer OverflowsSumit Kumar
Ā 

Similar to Exploiting stack overflow 101 (20)

Smash the Stack: Writing a Buffer Overflow Exploit (Win32)
Smash the Stack: Writing a Buffer Overflow Exploit (Win32)Smash the Stack: Writing a Buffer Overflow Exploit (Win32)
Smash the Stack: Writing a Buffer Overflow Exploit (Win32)
Ā 
Low Level Exploits
Low Level ExploitsLow Level Exploits
Low Level Exploits
Ā 
05 - Bypassing DEP, or why ASLR matters
05 - Bypassing DEP, or why ASLR matters05 - Bypassing DEP, or why ASLR matters
05 - Bypassing DEP, or why ASLR matters
Ā 
Exploit Development with Python
Exploit Development with PythonExploit Development with Python
Exploit Development with Python
Ā 
Exploit Development: EzServer Buffer Overflow oleh Tom Gregory
Exploit Development: EzServer Buffer Overflow oleh Tom GregoryExploit Development: EzServer Buffer Overflow oleh Tom Gregory
Exploit Development: EzServer Buffer Overflow oleh Tom Gregory
Ā 
08 - Return Oriented Programming, the chosen one
08 - Return Oriented Programming, the chosen one08 - Return Oriented Programming, the chosen one
08 - Return Oriented Programming, the chosen one
Ā 
Exploitation Crash Course
Exploitation Crash CourseExploitation Crash Course
Exploitation Crash Course
Ā 
Bypassing DEP using ROP
Bypassing DEP using ROPBypassing DEP using ROP
Bypassing DEP using ROP
Ā 
Cloud forensics putting the bits back together
Cloud forensics putting the bits back togetherCloud forensics putting the bits back together
Cloud forensics putting the bits back together
Ā 
Windows Kernel Exploitation : This Time Font hunt you down in 4 bytes
Windows Kernel Exploitation : This Time Font hunt you down in 4 bytesWindows Kernel Exploitation : This Time Font hunt you down in 4 bytes
Windows Kernel Exploitation : This Time Font hunt you down in 4 bytes
Ā 
Exploit techniques - a quick review
Exploit techniques - a quick reviewExploit techniques - a quick review
Exploit techniques - a quick review
Ā 
Dive into exploit development
Dive into exploit developmentDive into exploit development
Dive into exploit development
Ā 
A Life of breakpoint
A Life of breakpointA Life of breakpoint
A Life of breakpoint
Ā 
Buffer overflow attack
Buffer overflow attackBuffer overflow attack
Buffer overflow attack
Ā 
Sour Pickles
Sour PicklesSour Pickles
Sour Pickles
Ā 
Reversing malware analysis training part4 assembly programming basics
Reversing malware analysis training part4 assembly programming basicsReversing malware analysis training part4 assembly programming basics
Reversing malware analysis training part4 assembly programming basics
Ā 
SEH overwrite and its exploitability
SEH overwrite and its exploitabilitySEH overwrite and its exploitability
SEH overwrite and its exploitability
Ā 
NSC #2 - D3 02 - Peter Hlavaty - Attack on the Core
NSC #2 - D3 02 - Peter Hlavaty - Attack on the CoreNSC #2 - D3 02 - Peter Hlavaty - Attack on the Core
NSC #2 - D3 02 - Peter Hlavaty - Attack on the Core
Ā 
Return Oriented Programming (ROP) Based Exploits - Part I
Return Oriented Programming (ROP) Based Exploits - Part IReturn Oriented Programming (ROP) Based Exploits - Part I
Return Oriented Programming (ROP) Based Exploits - Part I
Ā 
Buffer Overflows
Buffer OverflowsBuffer Overflows
Buffer Overflows
Ā 

More from n|u - The Open Security Community

Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...n|u - The Open Security Community
Ā 

More from n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
Ā 
Osint primer
Osint primerOsint primer
Osint primer
Ā 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
Ā 
Nmap basics
Nmap basicsNmap basics
Nmap basics
Ā 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
Ā 
Api security-testing
Api security-testingApi security-testing
Api security-testing
Ā 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
Ā 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Ā 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
Ā 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
Ā 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
Ā 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
Ā 
Cloud security
Cloud security Cloud security
Cloud security
Ā 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
Ā 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
Ā 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
Ā 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
Ā 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
Ā 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
Ā 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
Ā 

Recently uploaded

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
Ā 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
Ā 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
Ā 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
Ā 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
Ā 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
Ā 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
Ā 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
Ā 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
Ā 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
Ā 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
Ā 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
Ā 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
Ā 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
Ā 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
Ā 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
Ā 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
Ā 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
Ā 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
Ā 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
Ā 

Recently uploaded (20)

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Ā 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Ā 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
Ā 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
Ā 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Ā 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
Ā 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
Ā 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Ā 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
Ā 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
Ā 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
Ā 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
Ā 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
Ā 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Ā 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Ā 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
Ā 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
Ā 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Ā 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Ā 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
Ā 

Exploiting stack overflow 101