Scribd
Upload
18 views5 pages

Tampering Return Address

Uploaded by

MotivatioNet
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
18 views5 pages

Tampering Return Address

Uploaded by

MotivatioNet
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

Exploi'ng

 Simple  Buffer  Overflows  on  


Win32  

Vivek  Ramachandran  
SWSE,  SMFE,  SPSE,  SISE,  SLAE,  SGDE  Course  Instructor  

Cer'fica'ons:                          hNp://www.securitytube-­‐training.com    
 
Pentester  Academy:    hNp://www.PentesterAcademy.com    

©SecurityTube.net  
Tampering  the  Return  Address  

©SecurityTube.net  
Return  Address  
Low  Memory  
main(…..)  
{  
 ….  
 func'on(0x11111111);  
RETURN  Address    ….  
  Local  Variables  +  
Others  
}  

EBP  
(Frame  Pointer)  
func'on1(…..)  
{  
 local  variable  defini'ons;   RETURN  Address  
 ….  
 return  1;  
  0x11111111  
}  

©SecurityTube.net  
-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐   High  Memory  
Return  Address  

Low  Memory  
main(…..)  
{  
 ….  
 func'on(0x11111111);  
 ….   DoNotExecute(…..)  
  {  
Local  
}    local  variable  defini'ons;  
Variables  +  
 ….  
Others  
 return  1;  
 
}  
EBP  
(Frame  
func'on1(…..)   Pointer)  
{  
 local  variable  defini'ons;   RETURN  
 ….   Address  
 return  1;  
 
}   0x11111111  

-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐   High  Memory  

©SecurityTube.net  
Pentester  Academy  

©SecurityTube.net  

You might also like