I designed a lecture introducing students to the concept of a buffer overflow, as part of an independent study course with Professor Jens Mache. The goal of the presentation was to be accessible to students with minimal background in computer architecture, although the audience ended up being comprised of students mostly familiar with it.
Other resources available online:
- Smashing The Stack For Fun And Profit
- Purdue Buffer Overflow Lecture
- Wikipedia Buffer Overflow (stack based)
- Buffer Overflow Attacks and their Countermeasures @ LinuxJournal
- Wikibooks x86 dissasembly and the stack
- Naked Security Heartbleed explanation
- Chat Wars (AOL intentionally put a buffer overflow in AIM to stop Microsoft from using their protocol!)
- Wired Conficker article
- Wikipedia Stack Smashing
- Shell Storm Shellcode Database . Note: use ONLY x86 shellcodes for this exercise
- This is homepage of the lab we will be doing.
- Here is buf.c, the introductory file.
- Here is the stack.c file.
Tip: Set your disassembly flavor to intel using: set disassembly-flavor intel
Super basic GDB commands (written hastily):
- list (l): shows source code, optionally supply a function name to show code for that function
- break (b): set a breakpoint at supplied linenumber or supplied address (with *ADDRESS)
- x: examine memory location (i.e. x/40x $esp to show 40 doublewords (default size to show) outputted in hex format from the location of the stack pointer)
- run (r): run the program (supply arguments here, i.e. “r aaaaaaaa”)
- disas: print the assembly code for the supplied funciton (i.e. disas main)
- step (s): go forward one line of C
- stepi (si): go forward one instruction (assembly)
- continue (c): continue execution after a breakpoint