Exploit Writing for Beginners


Sabari Selvan, E Hacking News

What exactly is exploit writing?
Writing a piece of code that is capable of exploiting a vulnerability in the target software.

What is the impact of exploits?
Remote code execution: leads to running a malicious application on the victim's system
Denial of Service attacks

STACK

What I am going to explain today
Intro to Stack
Stack Buffer Overflow attack
Demo

Intro to Stack
A piece of the process memory
Used for storing variables, function calls, return addresses
Allocated by the OS for each thread (when the thread is created). When the thread ends, the stack is cleared as well.
The size of the stack is defined when it gets created and doesn't change
Grows toward lower addresses (0041008 0041004 0041002)

    void vulnfun(char *in)
    {
        char buf[10];        /* 10-byte local buffer in vulnfun's stack frame */
    }

    int main(int argc, char *argv[])
    {
        vulnfun(argv[1]);    /* first command-line argument is handed to vulnfun */
        return 0;
    }

[Diagram: stack layout between 0xFFFFFFFF and 0x00000000. Stack frame for main: arguments for main function, return address, saved previous base pointer, local variables of main. Stack frame for vulnfun: arguments for vulnfun (argv[1]), return address, saved previous base pointer, local variable of vulnfun (buf). Base Pointer (EBP) of main and Base Pointer (EBP) of vulnfun mark the two frames; the Stack Pointer (ESP) marks the top of the stack.]

Stack Buffer Overflow
Result of giving input that is longer than the memory allocated for the variable

For instance, char a[10] can store 10 characters. If you try to enter more than 10 characters, that results in an overflow.

[Diagram: overflow. Same stack layout as before; the argument for vulnfun (argv[1]) is a run of A characters that fills the local variable buf and continues past it. Saved base pointer overwritten.]

[Diagram: exploiting the overflow. Same layout, with the return address in vulnfun's frame now showing 0x004012C9. Return address modified by exploiting the overflow.]

Thank You
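
The overflow shown in the diagrams above, as an added example in C (not code from the original slides): a byte-array model of vulnfun's frame replays the unbounded copy safely and reports which saved field it reaches, next to a length-checked form of vulnfun. The names model_unbounded_copy and vulnfun_checked and the frame layout (10-byte buf, then 4-byte saved EBP, then 4-byte return address, no padding or canary) are assumptions of this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Simplified model of vulnfun's frame, lowest address first. Assumption:
   32-bit x86 with no padding or stack canary between the fields. */
enum { BUF_SIZE = 10, EBP_OFF = 10, RET_OFF = 14, FRAME_SIZE = 18 };
enum reach { FITS, SAVED_EBP_OVERWRITTEN, RETURN_ADDR_OVERWRITTEN };

/* Replays an unbounded string copy inside the model array. The copy is
   clamped to FRAME_SIZE so the demonstration itself stays well defined. */
enum reach model_unbounded_copy(unsigned char frame[FRAME_SIZE], const char *in)
{
    size_t written = strlen(in) + 1;   /* characters plus terminating NUL */
    if (written > FRAME_SIZE)
        written = FRAME_SIZE;
    memcpy(frame, in, written);
    if (written <= EBP_OFF)
        return FITS;
    if (written <= RET_OFF)
        return SAVED_EBP_OVERWRITTEN;
    return RETURN_ADDR_OVERWRITTEN;
}

/* Hardened form of vulnfun: the length is checked before any byte is
   copied, so nothing beyond buf is ever written. */
int vulnfun_checked(const char *in)
{
    char buf[BUF_SIZE];
    size_t n = strlen(in);
    if (n >= sizeof buf)   /* as a C string, buf holds 9 characters + NUL */
        return -1;
    memcpy(buf, in, n + 1);
    return buf[n] == '\0' ? 0 : -1;
}

int main(void)
{
    unsigned char frame[FRAME_SIZE];
    const char *in = "AAAAAAAAAAAAAA";   /* constructed input, 14 characters */
    memset(frame, 0xEE, sizeof frame);   /* marker bytes for EBP and return */
    printf("unbounded copy reaches field %d\n", model_unbounded_copy(frame, in));
    printf("checked copy returns %d\n", vulnfun_checked(in));
    return 0;
}
```

A real compiler may place padding or a stack canary between buf and the saved values, so the offsets in the model are illustrative only.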