A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


A deep look at Stack Buffer Overflows and Format String Vulnerabilities - Philip Polstra SecureWV/Hack3rcon 2018 (Hacking Illustrated Series InfoSec Tutorial Videos)

A deep look at Stack Buffer Overflows and Format String Vulnerabilities
Philip Polstra
SecureWV/Hack3rcon 2018

Stack Buffer Overflows -What are they -The stack and calling conventions -Calculating the location for new return addresses -Injecting payloads -Protections against this --Non-executable stacks --Address Space Layout Randomization (ASLR) --Stack Canaries Format Strings What is a format string How do the vulnerabilities get created Crashing programs Reading stack variables Reading arbitrary memory Writing arbitrary memory

Dr. Phil Polstra is currently a Professor of Digital Forensics at Bloomsburg University of Pennsylvania (an NSA CAE in Digital Forensics). He is the author of four books on penetration testing and forensics (some of which have been translated into other languages). He has spoken and given training at numerous conferences around the world including repeat performances at DEFCON, BlackHat, 44CON, GrrCON, B-sides, and BloomCON, to name a few. When not teaching he has been known to hack electronics and engage in many forms of aviation.

Back to SecureWV 2017 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast