Exploiting & Defense Day 2 Recap

Presentation transcript:

Exploiting & Defense Day 2 Recap

Shellcode! Example in one slide

Syscalls

How to call a syscall:

    mov eax, <system_call_number>
    int 0x80

Arguments in: EBX, ECX, EDX, …

x32 Call Convention

    void main(void) {
        int blubb = 0;
        foobar(blubb);
        return;
    }

    void foobar (int arg1) {
        char compass1[];
        char compass2[];
    }

Stack frame shown on the slide (diagram labels: push, pop, allocate, save pointer):

    &blubb
    SIP
    SFP
    compass1
    compass2

x32 Call Convention Details

    push 4
    push 3
    push EIP            ; push EIP + jmp add together are what "call add" does
    jmp add

    add():
    push ebp
    mov ebp, esp
    sub esp, 0x10
    …
    mov esp, ebp        ; leave
    pop ebp             ; leave
    pop eip             ; ret

Stack based buffer overflow exploit

    Addresses on the slide: 0xFF00, 0xAA00

    Before:  char firstname[64]              | SIP
    After:   CODE CODE CODE CODE CODE        | AA00

Jump to buffer with shellcode
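Added example (not from the original slides): a bounds-safe simulation of the frame above, showing that a copy sized by the input alone clobbers the saved instruction pointer while a length-checked copy leaves it untouched. The frame offsets, the function names and the sample return address are assumptions made for this illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of the slide's frame, low to high address:
 * firstname[64] | SFP (4 bytes) | SIP (4 bytes). Sizes assume x86-32. */
enum { NAME_LEN = 64, SIP_OFF = 68, FRAME_LEN = 72 };

/* Vulnerable pattern (strcpy-like): length comes from the input alone.
 * Clamped to FRAME_LEN only so this simulation stays inside its array. */
static size_t copy_unchecked(uint8_t *frame, const char *in) {
    size_t n = strlen(in);
    if (n > FRAME_LEN) n = FRAME_LEN;
    memcpy(frame, in, n);
    return n;
}

/* Hardened form: refuse input that does not fit firstname with its NUL. */
static int copy_checked(uint8_t *frame, const char *in) {
    size_t n = strlen(in);
    if (n >= NAME_LEN) return -1;
    memcpy(frame, in, n + 1);
    return 0;
}

/* Build a frame, run one copy routine, return 1 if SIP is unchanged. */
static int sip_intact_after(int checked, const char *in) {
    uint8_t frame[FRAME_LEN] = {0};
    const uint32_t sip = 0x08048abcu;   /* constructed return address */
    uint32_t now;
    memcpy(frame + SIP_OFF, &sip, sizeof sip);
    if (checked) (void)copy_checked(frame, in);
    else         (void)copy_unchecked(frame, in);
    memcpy(&now, frame + SIP_OFF, sizeof now);
    return now == sip;
}

int main(void) {
    char big[FRAME_LEN + 1];
    memset(big, 'A', FRAME_LEN);        /* constructed oversized input */
    big[FRAME_LEN] = '\0';
    printf("unchecked: SIP intact = %d\n", sip_intact_after(0, big));
    printf("checked:   SIP intact = %d\n", sip_intact_after(1, big));
    return 0;
}
```

The check `n >= NAME_LEN` is what the vulnerable pattern lacks; compiler stack protectors and similar mitigations detect the overwrite afterwards, while the check prevents it.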

So…

Topics: Intel Architecture, Buffer Overflow, Memory Layout, C Arrays, BoF Exploit, Assembler, Remote Exploit, Shellcode, Exploit Mitigations, Function Calls, Defeat Exploit Mitigations, Debugging