Stack Based Buffer Overflows on x86 (Windows) – Part I

I wrote this article in Romanian in 2014, and I decided to translate it because it is a very detailed introduction to the exploitation of a “Stack Based Buffer Overflow” on x86 (32-bit) Windows.

Introduction

This tutorial is for beginners, but it requires at least some basic knowledge about C/C++ programming in order to understand the concepts.

The system that we will use and exploit the vulnerability on is Windows XP (32 bits – x86), chosen for simplicity: it has no DEP or ASLR, protections that will be detailed later.

I would like to start with a short introduction to assembly (ASM) language. It will not be very detailed, but I will briefly describe the concepts required to understand what a “buffer overflow” vulnerability looks like and how it can be exploited. There are multiple types of buffer overflows; here we will discuss only the easiest one to understand, the stack based buffer overflow.


Hello, world!

I decided to start a blog.

I will try to write as much as possible, but this will not happen too often.

I will probably talk about my projects, NetRipper and Shellcode Compiler, reverse engineering or exploit development, but I will also try to cover web application security.

Previous blog posts

I previously wrote a few blog posts on securitycafe.ro:

About me

You can find more information about me on the About me page.