The document discusses computer memory layout and calling conventions. It explains that programs are stored in segments like text, data, bss, heap and stack. The stack grows downward while the heap grows upward. When a function is called, parameters are pushed onto the stack and the instruction pointer is saved. The function then saves the base pointer and allocates space for local variables below it on the stack. A buffer overflow occurs when a program writes more data to a buffer than it was allocated to hold. Shellcode is program code designed to be injected and executed from the stack.

1. Seguretat Local exploits v2011/01 Carles Mateu i Ramon Bèjar Departament d'Informàtica i Enginyeria Industrial Universitat de Lleida

2. Exploits Programs and tools that, take profit from a vulnerability (usually a programming error) to gain access, scalate privileges, etc.

3. Programming 101 Computer memory (executing programs)

4. C Calling Convention

5. Buffer management

6. Computer memory Basics

7. Segments

8. Stacks

9. Computer memory basics Endianness: Byte order when storing multibyte data in memory.

10. Little endian: L1 L2 H1 H2 Big endian: H1 H2 L1 L2 Intel: little endian. Motorola: big endian. Network: big endian.

11. Computer memory: Segments .text : Executable code. RO and Fixed Size.

12. .data : Global initialized variables. Fixed Size.

13. .bss : (below stack section). Global NON -initialized variables. Fixed Size.

14. Heap: Dynamic allocated space. Grows from low -> high. (malloc, free).

15. Stack: Dynamic. Grows from high -> low. Keeps calling stack and local variables.

16. Env: System environment variables and program arguments.

17. Computer memory: Segment layout.

18. Segment layout example. int index = 5; // data (initialized) char * str; // bss (uninitialized) int nothing; // bss (uninitialized) void fun(int c) // stack { int i=c; // stack region str = (char*)malloc(10*sizeof (char)); // heap strncpy(str, "abcde", 5); } void main () { fun(1); }