A.4 GOT Overwrites

Once you have found a memory corruption vulnerability, you can use a variety of techniques to gain control over the instruction pointer register of the vulnerable process. One of these techniques, called GOT overwrite, works by manipulating an entry in the so-called Global Offset Table (GOT) of an Executable and Linkable Format (ELF)[90] object to gain control over the instruction pointer. Since this technique relies on the ELF file format, it works only on platforms supporting this format (such as Linux, Solaris, or BSD).

The GOT is located in an ELF-internal data section called .got. Its purpose is to redirect position-independent address calculations to an absolute location, so it stores the absolute location of function-call ...
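As an added illustration (not code from the book), this bounds-checked C routine locates the `.got` section in a 64-bit ELF image by walking its section headers and reports whether the section is marked writable. It assumes a Linux-style `<elf.h>`; the function names, the in-memory sample image and its address `0x403ff0` are constructed for the example.

```c
#include <elf.h>
#include <stdio.h>
#include <string.h>

/* Find a section by name in a 64-bit ELF image. Returns 0 and fills *out, or -1. */
int find_section(const unsigned char *img, size_t len, const char *name, Elf64_Shdr *out) {
    Elf64_Ehdr eh; Elf64_Shdr str, sh;
    if (len < sizeof eh) return -1;
    memcpy(&eh, img, sizeof eh);
    if (memcmp(eh.e_ident, ELFMAG, SELFMAG) != 0 || eh.e_ident[EI_CLASS] != ELFCLASS64)
        return -1;
    if (eh.e_shentsize != sizeof(Elf64_Shdr) || eh.e_shstrndx >= eh.e_shnum) return -1;
    if (eh.e_shoff > len || (len - eh.e_shoff) / sizeof(Elf64_Shdr) < eh.e_shnum) return -1;
    memcpy(&str, img + eh.e_shoff + eh.e_shstrndx * sizeof str, sizeof str);
    if (str.sh_offset > len || str.sh_size > len - str.sh_offset) return -1;
    const char *tab = (const char *)img + str.sh_offset;  /* section name string table */
    for (unsigned i = 0; i < eh.e_shnum; i++) {
        memcpy(&sh, img + eh.e_shoff + i * sizeof sh, sizeof sh);
        /* skip names that start outside the table or are not NUL-terminated inside it */
        if (sh.sh_name >= str.sh_size || !memchr(tab + sh.sh_name, 0, str.sh_size - sh.sh_name)) continue;
        if (strcmp(tab + sh.sh_name, name) == 0) { *out = sh; return 0; }
    }
    return -1;
}

/* Constructed sample image: ELF header, name table, then 3 section headers (null, .shstrtab, .got). */
size_t build_sample(unsigned char *buf, size_t cap) {
    static const char names[] = "\0.shstrtab\0.got";   /* ".got" starts at offset 11 */
    Elf64_Ehdr eh = {{0}}; Elf64_Shdr sh[3] = {{0}};
    if (cap < sizeof eh + sizeof names + sizeof sh) return 0;
    memcpy(eh.e_ident, ELFMAG, SELFMAG);
    eh.e_ident[EI_CLASS] = ELFCLASS64;
    eh.e_shoff = sizeof eh + sizeof names;
    eh.e_shentsize = sizeof(Elf64_Shdr); eh.e_shnum = 3; eh.e_shstrndx = 1;
    sh[1].sh_name = 1;  sh[1].sh_offset = sizeof eh; sh[1].sh_size = sizeof names;
    sh[2].sh_name = 11; sh[2].sh_addr = 0x403ff0;    sh[2].sh_size = 16;  /* constructed values */
    sh[2].sh_flags = SHF_ALLOC | SHF_WRITE;          /* the GOT lives in a data section */
    memcpy(buf, &eh, sizeof eh);
    memcpy(buf + sizeof eh, names, sizeof names);
    memcpy(buf + eh.e_shoff, sh, sizeof sh);
    return sizeof eh + sizeof names + sizeof sh;
}

int main(void) {
    unsigned char buf[512]; Elf64_Shdr got;
    size_t n = build_sample(buf, sizeof buf);
    if (find_section(buf, n, ".got", &got) != 0) return 1;
    printf(".got at %#llx, %llu bytes, writable=%d\n", (unsigned long long)got.sh_addr,
           (unsigned long long)got.sh_size, (got.sh_flags & SHF_WRITE) != 0);
    return 0;
}
```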
