Title

Understanding buffer overflow exploitation (22c3)

Description

Everything started with Aleph One's paper "Smashing the Stack for Fun and Profit". These techniques are still the basis for modern exploitation of buffer, heap and format string vulnerabilities. We will give a swift overview about C functions, stack usage, assembler, gcc, gdb and how these few tools can be used to understand and write shell-code to turn simple buffer overflows into backdoors that open whole systems to potential attackers. Sure you want to know how to defend against that. We also will tell you about that!

about this event: https://hacker-archive.org/assets/22C3/fahrplan/events/571.en.html

originalMediaLink

https://cdn.media.ccc.de/congress/2005/lectures/video/mp4-avc/320x240/22C3-571-en-understanding_buffer_overflow_exploitation.m4v

Date Issued

Tue, 27 Dec 2005 01:00:00 +0100

Source

https://media.ccc.de/v/22C3-571-en-understanding_buffer_overflow_exploitation

Beteiligte Person

Christiane Ruetten

Extent

00:59:15

Type

video/mp4

Tag

22c3, Hacking

Abstract

Everything started with Aleph One's paper "Smashing the Stack for Fun and Profit". These techniques are still the basis for modern exploitation of buffer, heap and format string vulnerabilities. We will give a swift overview about C functions, stack usage, assembler, gcc, gdb and how these few tools can be used to understand and write shell-code to turn simple buffer overflows into backdoors that open whole systems to potential attackers. Sure you want to know how to defend against that. We also will tell you about that!

about this event: https://hacker-archive.org/assets/22C3/fahrplan/events/571.en.html