Saturday, February 28, 2015

Why are buffer overflows executed in the direction they are?



I'm following The Security Tube's video here: http://ift.tt/1zt0RY9


He gives an overview of buffer overflows, and mentions how memory is executed from highest to lowest in the stack (at least with his implementation, I assume). So we pass the memory address of a function that's not called in the program into a 3-word buffer. We overflow that buffer with a 12-character string, and then the memory address backwards. So it looks something like this:


printf "123456789abc\x32\x07\x45\xb4" | ./demo


The actual address was (b4074532)


Why is it that we display the memory address backwards, but at the end of the stack? If memory is read from high to low, shouldn't it be backwards, but at the end of the stack? Obviously, this is not the case, since he showed it working. However, it seems to me that the stack would not be "overflowed" and the values "\23x\cba987654321" would be executed.
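An added example, not part of the original post or the video: a C model of the two facts the question turns on, that a copy writes bytes at increasing addresses so the slot above a 12-byte buffer receives bytes 13 to 16 of the input, and that a little-endian CPU stores a 32-bit address least significant byte first. The frame layout and the function names are assumptions made for illustration; the address is the one quoted in the post.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_LEN 12  /* the "3 word buffer": 3 x 4 bytes */

/* Constructed frame model, lowest address first. A real frame may also
   hold a saved frame pointer, padding or a stack canary. */
struct frame_model {
    unsigned char buf[BUF_LEN];   /* local buffer                   */
    unsigned char saved_ret[4];   /* slot directly above the buffer */
};

/* Store a 32-bit value the way a little-endian CPU (x86) does. */
void le32_encode(uint32_t v, unsigned char out[4]) {
    for (int i = 0; i < 4; i++) out[i] = (unsigned char)(v >> (8 * i));
}

/* Read four bytes back as a little-endian 32-bit value. */
uint32_t le32_decode(const unsigned char in[4]) {
    uint32_t v = 0;
    for (int i = 0; i < 4; i++) v |= (uint32_t)in[i] << (8 * i);
    return v;
}

/* Unchecked copy into the model: byte 0 lands at the lowest address,
   so anything past BUF_LEN spills upward into saved_ret. */
uint32_t model_unchecked_copy(const unsigned char *in, size_t n) {
    struct frame_model f;
    unsigned char *raw = (unsigned char *)&f;
    memset(raw, 0, sizeof f);
    if (n > sizeof f) n = sizeof f;  /* keep the model itself in bounds */
    memcpy(raw, in, n);
    return le32_decode(f.saved_ret);
}

/* Bounded copy: refuses input that does not fit the buffer. */
int bounded_copy(unsigned char buf[BUF_LEN], const unsigned char *in, size_t n) {
    if (n > BUF_LEN) return -1;
    memcpy(buf, in, n);
    return 0;
}

int main(void) {
    unsigned char in[16], buf[BUF_LEN];
    memcpy(in, "123456789abc", BUF_LEN);     /* filler from the post  */
    le32_encode(0xb4074532u, in + BUF_LEN);  /* address from the post */
    printf("slot reads 0x%08x, bounded copy returns %d\n",
           (unsigned)model_unchecked_copy(in, sizeof in), bounded_copy(buf, in, sizeof in));
    return 0;
}
```

The stack growing downward only decides where each new frame is placed; within a frame the copy still runs from low to high addresses, which is why the filler comes first and the reversed address last.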




