Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
en:it-security:blog:buffer_overflow_x64-3 [2024/04/08 21:06] – created psycore | en:it-security:blog:buffer_overflow_x64-3 [2024/04/14 12:47] (current) – psycore | ||
---|---|---|---|
Line 2: | Line 2: | ||
====== Buffer overflow in the 64-bit stack - Part 3 ====== | ====== Buffer overflow in the 64-bit stack - Part 3 ====== | ||
- | {{it-security: | + | In [[en:it-security: |
The third part of the Buffer Overflow series. | The third part of the Buffer Overflow series. | ||
Line 11: | Line 11: | ||
==== Theory ==== | ==== Theory ==== | ||
- | In [[en:it-security: | + | {{it-security: |
In Linux systems, dynamic programme libraries are usually used. This has the advantage that we do not have to rewrite every function in every programme, but can simply access the function of the system, which, for example, is stored in '' | In Linux systems, dynamic programme libraries are usually used. This has the advantage that we do not have to rewrite every function in every programme, but can simply access the function of the system, which, for example, is stored in '' | ||
Line 19: | Line 19: | ||
PLT (Procedure Linkage Table) and GOT (Global Offset Table) are responsible for the interaction during dynamic linking. The function '' | PLT (Procedure Linkage Table) and GOT (Global Offset Table) are responsible for the interaction during dynamic linking. The function '' | ||
- | The GOT now contains all '' | + | The GOT now contains all '' |
=== Leak and Overwrite === | === Leak and Overwrite === | ||
Line 54: | Line 54: | ||
==== C Programme ==== | ==== C Programme ==== | ||
- | The source code and the compiled binary are also available on [[gh> | + | The source code and the compiled binary are also available on [[gh> |
<file c bof-part3.c> | <file c bof-part3.c> | ||
Line 92: | Line 92: | ||
===== Debug ===== | ===== Debug ===== | ||
- | {{page> | + | {{page>en:vorlagen: |
==== Start socat Listener ==== | ==== Start socat Listener ==== | ||
Line 447: | Line 447: | ||
^ Prüfsumme (SHA256) | d1212026504c7a90680e3f1e430244734695971c73f1461bed12605644c707d8 | | ^ Prüfsumme (SHA256) | d1212026504c7a90680e3f1e430244734695971c73f1461bed12605644c707d8 | | ||
+ | ~~DISCUSSION~~ |
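Review bot: the checksum row left as unchanged context in this hunk (Line 447) still carries the German label "Prüfsumme (SHA256)", although the page lives in the en: namespace. Since this revision already touches the end of the page to add ~~DISCUSSION~~, rename the header cell to "Checksum (SHA256)" so English readers recognise it as the value to compare the downloaded binary against.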