
EXPLOIT WRITING FOR BEGINNERS
SABARI SELVAN, E HACKING NEWS

What exactly is exploit writing?

Writing a piece of code that is capable of exploiting a vulnerability in the target software.

What is the impact of exploits?

Remote code execution: leads to running a malicious application on the victim's system
Denial of Service attacks

STACK

What I am going to explain today

Intro to Stack
Stack Buffer Overflow attack
Demo

Intro to Stack

A piece of the process memory
Used for storing local variables, function calls and return addresses
Allocated by the OS for each thread (when the thread is created). When the thread ends, the stack is cleared as well.
The size of the stack is defined when it gets created and doesn't change
Grows toward lower addresses (e.g. 0041008, then 0041004, then 0041002)

```c
#include <string.h>

void vulnfun(char *in)
{
    char buf[10];
    /* Unbounded copy (omitted on the slide, but the overflow described in
       the following slides requires it): input longer than buf overwrites
       the saved base pointer and the return address stored above buf. */
    strcpy(buf, in);
}

int main(int argc, char *argv[])
{
    if (argc < 2)
        return 1;          /* argv[1] is the attacker-controlled input */
    vulnfun(argv[1]);
    return 0;
}
```

[Slide figure: stack layout while vulnfun runs, drawn from low addresses (0x00000000, top of the stack, where the stack pointer ESP points) down to high addresses (0xFFFFFF). Stack frame for vulnfun: local variable buf, saved previous base pointer (EBP of vulnfun), return address, arguments for vulnfun (argv[1]). Stack frame for main: local variables of main, saved previous base pointer (EBP of main), return address, arguments for the main function.]

Stack Buffer Overflow

The result of giving input that is longer than the memory allocated for the variable.

For instance, char a[10] can store 10 characters. If you try to enter more than 10 characters, the excess overflows into the adjacent memory.

[Slide figure: the same stack layout after the overflow. A long input of 'A' characters fills the local variable buf at the top of the stack (ESP) and keeps writing upward: the saved base pointer (EBP of vulnfun) is overwritten and the return address above it is reached. Below them the layout is unchanged: arguments for vulnfun (argv[1]), local variables of main, main's saved base pointer, return address, EBP of main, arguments for the main function.]

EXPLOITING OVERFLOW

[Slide figure: the same overflowed stack, now with a chosen value in place of the garbage. The 'A' characters fill buf and overwrite the saved base pointer (EBP of vulnfun); the bytes that follow replace the return address with 0x004012C9, i.e. the return address is modified by exploiting the overflow. Below: arguments for vulnfun (argv[1]), local variables of main, main's saved base pointer and return address, EBP of main, arguments for the main function.]
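As an added illustration (not part of the original slides), the frame from the diagrams above modelled in C: the unbounded copy is run against a byte array laid out like vulnfun's frame (buf, then saved EBP, then return address), so the overwritten values can be inspected safely, next to a bounded copy that refuses input that does not fit. The saved EBP value is a constructed placeholder; 0x004012C9 is the return address shown on the slide.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE   10                   /* char buf[10] from the slide */
#define FRAME_SIZE (BUF_SIZE + 4 + 4)   /* buf, saved EBP, return address */

struct frame_state {
    uint32_t saved_ebp;   /* saved base pointer after the copy */
    uint32_t ret_addr;    /* return address after the copy */
    int      rejected;    /* 1 if the bounded version refused the input */
};

/* Models vulnfun's frame as a byte array so the effect of the copy can be
 * observed without touching the real stack. Layout follows the diagram:
 * buf at the lowest address, then the saved EBP, then the return address. */
static struct frame_state run_copy(const char *in, int bounded)
{
    unsigned char frame[FRAME_SIZE];
    struct frame_state st = { 0xBFFFF000u, 0x004012C9u, 0 }; /* constructed */
    memcpy(frame + BUF_SIZE, &st.saved_ebp, 4);
    memcpy(frame + BUF_SIZE + 4, &st.ret_addr, 4);

    size_t len = strlen(in) + 1;                    /* includes the NUL */
    if (bounded) {
        /* Hardened form: check the length before copying anything. */
        if (len > BUF_SIZE) { st.rejected = 1; return st; }
        memcpy(frame, in, len);
    } else {
        /* Unbounded strcpy(buf, in): bytes past buf land on EBP and the
         * return address. Capped at the frame so the model itself is safe. */
        memcpy(frame, in, len > FRAME_SIZE ? FRAME_SIZE : len);
    }
    memcpy(&st.saved_ebp, frame + BUF_SIZE, 4);
    memcpy(&st.ret_addr, frame + BUF_SIZE + 4, 4);
    return st;
}

struct frame_state vulnerable_copy(const char *in) { return run_copy(in, 0); }
struct frame_state hardened_copy(const char *in)   { return run_copy(in, 1); }

int main(void)
{
    const char *input = "AAAAAAAAAAAAAAAAAAAA";     /* 20 'A's, constructed */
    struct frame_state v = vulnerable_copy(input), h = hardened_copy(input);
    printf("vulnerable: EBP=0x%08x return=0x%08x\n", v.saved_ebp, v.ret_addr);
    printf("hardened:   rejected=%d return=0x%08x\n", h.rejected, h.ret_addr);
    return 0;
}
```

With 20 bytes of 'A' the model reports both the saved EBP and the return address as 0x41414141, exactly the overwrite the diagram shows, while the bounded version leaves both intact.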

Thank You
