• Stack protection

    The stack can be protected against buffer overflows.

    Stack protection with canaries

    Like in a coal mine, a canary can provide an indication if something goes wrong. Here, a canary is a defined value which is added between the buffer (where an attacker will start writing the payload) and the SFP (Stack Frame Pointer) and…

  • In the return-to-libc post, we described the process of injecting a system call with parameters via environment variables to start a new process. But this requires executing another program (which may not be available on the target). Instead of calling system, we can call other instructions from somewhere in memory. But it would be…