Sockets, Shellcode, Porting, and Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals

by James C Foster
April 2005
Content level: Intermediate to advanced
700 pages
20h 39m
English
Syngress
Content preview from Sockets, Shellcode, Porting, and Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals
Because we control the arguments passed to a format string function, we can
use the %n format specifier to write arbitrary values to addresses of our choosing.
To actually overwrite the value of pointers on the stack, we must
specify the address to be overwritten and use %n to write to that particular address. Let’s
try to overwrite the value of the variable number. First, we know that when the
vulnerable program is invoked with an argument of length 10, the variable is located at
0xbffffc18 on the stack. We can now attempt to overwrite the variable number.
$ ./example `printf "\x18\xfc\xff\xbf"`%x%x%n
bffffc3840049f1840135e48
number (0xbffffc18) is equal to 10
$
As you can see, the variable number now contains ...
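The following C listing is an added example, not code from the book. It shows what %n stores when the format is a literal and the pointer is one the program chose, a scanner that counts the directives printf would find in untrusted input, and the hardened call that passes the input as data for %s. The function names (bytes_before_percent_n, scan_directives, print_untrusted) are hypothetical, and the sample input is the argument from the excerpt, treated purely as data.

```c
#include <stdio.h>
#include <string.h>

/* Benign %n: the format is a literal and the argument is a pointer we chose,
   so printf stores the number of bytes produced so far into `written`. */
int bytes_before_percent_n(const char *text) {
    char buf[64];
    int written = -1;
    snprintf(buf, sizeof buf, "%s%n", text, &written);
    return written;
}

/* Scan untrusted input the way printf would parse it.
   Returns the number of conversion directives; *writes is set to how many
   of them are %n (including forms such as %hn or %4$n). */
int scan_directives(const char *s, int *writes) {
    int total = 0;
    *writes = 0;
    while ((s = strchr(s, '%')) != NULL) {
        s++;
        if (*s == '%') { s++; continue; }        /* literal percent sign */
        s += strspn(s, "0123456789$#-+ '*.");     /* flags, width, precision */
        s += strspn(s, "hlLqjzt");                /* length modifiers */
        if (*s == '\0') break;                    /* truncated directive */
        total++;
        if (*s == 'n') (*writes)++;
        s++;
    }
    return total;
}

/* Hardened call: the input is data for %s and is never parsed as a format. */
int print_untrusted(char *out, size_t outlen, const char *input) {
    return snprintf(out, outlen, "%s", input);
}

int main(void) {
    /* The argument from the excerpt, handled purely as data. */
    const char *arg = "\x18\xfc\xff\xbf%x%x%n";
    char out[64];
    int writes, total = scan_directives(arg, &writes);
    int len = print_untrusted(out, sizeof out, arg);
    printf("directives=%d writes=%d copied=%d %%n-demo=%d\n",
           total, writes, len, bytes_before_percent_n("0123456789"));
    return 0;
}
```

Compiling with -Wformat -Wformat-security flags call sites that pass a non-literal string as the format argument, which is the defect print_untrusted avoids.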

Publisher Resources

ISBN: 9781597490054