Chapter 17. A Stack-Based Buffer Overflow in Windows

In this chapter, we will look at exploiting a stack-based buffer overflow in an older version of a Windows-based FTP server. As we did in Chapter 16, we will attempt to overwrite the return address saved on the stack when a function is called, as shown earlier in Figure 16-3. When the function main calls function1, the address of the next instruction to execute after the call is pushed onto the stack as the return address, and a stack frame for function1 is added above it.

The size of function1’s local variables is determined when the application is compiled, and it does not change at run time. The amount of space “reserved” on the stack for these local variables is fixed, too. This reserved region is called a stack buffer. If we put more data in the stack ...
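To make the layout concrete, here is an added example that is not from the book: a byte-level model of one 32-bit stack frame (a 16-byte local buffer, then the saved EBP, then the saved return address) built in C so it can run on any host without actually corrupting its own stack. The buffer size, the frame layout and the sample EBP and return-address values are assumptions for illustration, not details of the FTP server. `vulnerable_copy()` behaves like an unchecked `strcpy()` into the local buffer; `bounded_copy()` is the hardened form that checks the reserved size first.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model of one 32-bit stack frame. Layout assumed for illustration:
 *   [0,16)  local buffer reserved by the compiler
 *   [16,20) saved EBP (caller's frame pointer)
 *   [20,24) saved return address pushed by the call instruction */
#define BUF_SIZE   16
#define EBP_OFF    BUF_SIZE
#define RET_OFF    (BUF_SIZE + 4)
#define FRAME_SIZE (BUF_SIZE + 8)

/* Constructed sample values, not taken from any real binary. */
#define SAMPLE_EBP 0x0012ff88u
#define SAMPLE_RET 0x00401050u

struct frame {
    uint8_t bytes[FRAME_SIZE];
};

/* Lay the frame out as the call and prologue would leave it. */
void frame_init(struct frame *f, uint32_t saved_ebp, uint32_t ret_addr) {
    memset(f->bytes, 0, FRAME_SIZE);
    memcpy(f->bytes + EBP_OFF, &saved_ebp, sizeof saved_ebp);
    memcpy(f->bytes + RET_OFF, &ret_addr, sizeof ret_addr);
}

uint32_t frame_ret_addr(const struct frame *f) {
    uint32_t v;
    memcpy(&v, f->bytes + RET_OFF, sizeof v);
    return v;
}

/* What an unchecked strcpy() into the local buffer does: copy up to the NUL
 * terminator with no regard for the 16 bytes that were reserved. The clamp to
 * FRAME_SIZE only keeps this model well defined; a real strcpy() keeps going. */
size_t vulnerable_copy(struct frame *f, const char *input) {
    size_t n = strlen(input);
    if (n > FRAME_SIZE)
        n = FRAME_SIZE;
    memcpy(f->bytes, input, n);
    return n;
}

/* Hardened form: reject anything that does not fit, terminator included. */
int bounded_copy(struct frame *f, const char *input) {
    size_t n = strlen(input);
    if (n >= BUF_SIZE)
        return -1;
    memcpy(f->bytes, input, n + 1);
    return 0;
}

/* Classic overflow string: filler through the buffer and saved EBP, then the
 * four bytes meant to land on the return address. Written in host byte order,
 * which on x86 is the little-endian order the CPU reads it back in. The value
 * must contain no NUL byte or strlen()-style copies stop short of it. */
size_t build_overflow(char *out, size_t out_len, uint32_t new_ret) {
    size_t need = RET_OFF + sizeof new_ret;
    if (out_len < need + 1)
        return 0;
    memset(out, 'A', RET_OFF);
    memcpy(out + RET_OFF, &new_ret, sizeof new_ret);
    out[need] = '\0';
    return need;
}

/* Return address seen after the unchecked copy: the attacker's 0x42424242. */
uint32_t demo_overflow_ret(void) {
    struct frame f;
    char payload[FRAME_SIZE + 1];
    frame_init(&f, SAMPLE_EBP, SAMPLE_RET);
    build_overflow(payload, sizeof payload, 0x42424242u);
    vulnerable_copy(&f, payload);
    return frame_ret_addr(&f);
}

static int run_bounded(struct frame *f) {
    char payload[FRAME_SIZE + 1];
    frame_init(f, SAMPLE_EBP, SAMPLE_RET);
    build_overflow(payload, sizeof payload, 0x42424242u);
    return bounded_copy(f, payload);
}

int demo_bounded_rc(void) { struct frame f; return run_bounded(&f); }

/* Return address after the hardened copy rejected the payload: unchanged. */
uint32_t demo_bounded_ret(void) {
    struct frame f;
    run_bounded(&f);
    return frame_ret_addr(&f);
}

int main(void) {
    printf("unchecked copy:  return address = 0x%08x\n", (unsigned)demo_overflow_ret());
    printf("bounded copy:    rc = %d, return address = 0x%08x\n",
           demo_bounded_rc(), (unsigned)demo_bounded_ret());
    return 0;
}
```

The offset arithmetic is the whole game: 16 bytes fill the reserved buffer, 4 more clobber the saved EBP, and bytes 20 through 23 of the input become the address the CPU jumps to on `ret`. On a real target those offsets are found by sending a long unique pattern and reading the crash, not assumed as they are here.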
