| |||||
| |||||
Search Irongeek.com:
Help Irongeek.com pay for bandwidth and research equipment: |
Stack Buffer Overflows
-What are they
-The stack and calling conventions
-Calculating the location for new return addresses
-Injecting payloads
-Protections against this
--Non-executable stacks
--Address Space Layout Randomization (ASLR)
--Stack Canaries
Format Strings
What is a format string
How do the vulnerabilities get created
Crashing programs
Reading stack variables
Reading arbitrary memory
Writing arbitrary memory
Dr. Phil Polstra is currently a Professor of Digital Forensics at Bloomsburg University of Pennsylvania (an NSA CAE in Digital Forensics). He is the author of four books on penetration testing and forensics (some of which have been translated into other languages). He has spoken and given training at numerous conferences around the world including repeat performances at DEFCON, BlackHat, 44CON, GrrCON, B-sides, and BloomCON, to name a few. When not teaching he has been known to hack electronics and engage in many forms of aviation.
15 most recent posts on Irongeek.com:
|
If you would like to republish one of the articles from this site on your
webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast