Linux Today: Linux News On Internet Time.

LinuxFocus.org: Avoiding security holes: memory, stack and functions, shellcode

Apr 15, 2001, 22:00 (0 Talkback[s])
(Other stories by Frédéric Raynal, Christophe Blaess, Christophe Grenier)

"In our previous article we analyzed the simplest security holes, the ones based on external command execution. This article and the next one show a widespread type of attack, the buffer overflow. First we will study the memory structure of a running application, and then we'll write a minimal piece of code allowing to start a shell (shellcode)."

"Let's assume a program is an instruction set, expressed in machine code (regardless of the language used to write it) that we commonly call a binary. When first compiled to get the binary file, the program source held variables, constants and instructions. This section presents the memory layout of the different parts of the binary."

"To understand what goes on while executing a binary, let's have a look at the memory organization. It relies on different areas..."

Complete Story