How To: Attack on Stack [Part 1]; Smash the Stack Visualization: Introduction to Memory, Registers and Assembly.

Hi everyone.

Recently I've been studying some topics about Assembly, memory and exploitation, and I thought I could write something nice, easy and quick about it, simply because I like to share what I learn. Probably sharing what you learn and trying to explain it to a stranger is the best way to learn it better. It worked for me, and I hope it will be useful for you too.

Introduction

"Smashing the Stack for Fun and Profit" by Aleph1 and "Hacking: The Art of Exploitation" by Jon Erickson caught my attention and trapped me in a cage of knowledge. Learning became addictive for me. Literally.

But then I realized I had to face real life, and I stopped.

They kept me wondering how some random bytes thrown here and there could possibly build something so unbelievably clever. The occasions on which you could find me literally crying tears of joy in December/June were not that rare. This job came out with perfect timing: it had been 1 or 2 months since anybody had heard from me on Null Byte, and I needed something to publish: fast, easy to write and easy to understand. The idea of documenting the nth stack buffer overflow write-up with pictures came up pretty soon. When I sat in front of the computer, though, I realized: I have a Mac, I don't know what to use to create the pictures, I don't know where to start from, I'm missing two keys on my Mac's keyboard, I am neither a teacher nor a designer, and on top of that, I am not an English teacher.

But the desire to join "those who have expressed themselves on stack buffer overflows" was too strong. So I pushed. And pushed.

And it worked! I don't know how, I don't know why, but I could finally do it.

I hope this will be helpful for those of you who would like to approach assembly, hacking and exploiting, but I'm not pretending this is a polished job. I'd like this to be not only my take on the topic and a list of all the handy definitions I've written down to remember difficult concepts more easily, but a starting point for those interested in it. If you told me you'd like to learn how the x86 processor works, I'd tell you to go and read the work of the authors I've mentioned above.

So, What Is This All About?

This guide is a comprehensive explanation of how assembly interacts with memory and how it works. Comprehensive but basic: it means that I stopped where my explanations stopped, and you, as I did to bring this to you, will have to dig deeper on the internet to find what you are really looking for.

The peculiarity of this job is that it is made of pictures (I hope they are at least eye candy), so as to explain the topic by moving freely in three directions and letting pictures and text interact. Of course, anyone who has talked about this did the same thing (there are actually plenty of .ppts around), but I tried to embed all the little tricks I found and use to understand the topic more easily. While I hope this will be useful on its own, I don't recommend reading only this, for the simple reason that, without any doubt, you can't understand any of it just by looking at it. You will have to research and practice by yourself at every step.

As always, I'm sorry for any unclear part due to my English, but I'm not a native speaker.

The guide is organized using Null Byte's Gallery function, so that the first picture is a representative picture of the mini-topic covered by the following pictures in the gallery.

Today's Topic

Today's topic is the fundamental concepts. We are setting out the rules of the game. This should be pretty straightforward to read.

But I definitely recommend making sure you have understood everything before we continue: from personal experience I can tell you that trying to climb mirrors (grasping at something you have no grip on) is useless. We will start with a very straightforward introduction to Memory, Segments, Stack, Registers and Assembly. Don't panic if you don't understand something: I will repeat the same concepts several times in different ways to consolidate them, and I will eventually pause to summarize what I've explained. If you need help, there is a comment section where you and I can learn more from other people's doubts and thoughtful insights. The concepts explained here will be built on in the next editions of this series; consider this only as an introduction. We will then explore a little bit of the Assembly syntax and stop with some useful references to other topics.

Any doubt? Don't hesitate to ask.

Null Byte users: I encourage you to answer the questions in this comment section too, as there are people here who are far more knowledgeable about this than me!

Introduction; Memory Segments, Stack and Registers Fundamentals.

Where we introduce the topic and work through some examples. Note that anything I'm writing in this guide can be reproduced on any version of Kali Linux, since that's the most commonly used OS on Null Byte.

This was officially tested on Kali Linux x86.

An Alternative Way of Imagining the Memory

The way I used to think about memory was quite particular, and it helped me a lot:

Out on the Battlefield

Where we set up the code to disassemble and study, and explain how to use the main gcc and gdb commands.

Assembly from Outer Space

Where we explain the first main things about GDB's output and disassembly.
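As an added example (not code from the original post), here is the kind of throwaway program the "Out on the Battlefield" and "Assembly from Outer Space" pictures would be built around: a function with a fixed-size stack buffer to break on in gdb, plus a small check that the x86 stack really grows toward lower addresses. The program, the gcc build line and the gdb session in the comments are my assumptions; the post itself lists none of them, and the build flags that switch off the stack protector, non-executable stack and PIE are only there so the layout matches the classic picture of a frame.

```c
/* Added example, not from the original post. Assumed build line for a 32-bit,
 * no-mitigation binary on Kali (assumes a gcc with 32-bit support installed):
 *
 *   gcc -m32 -g -O0 -fno-stack-protector -no-pie -z execstack stack_demo.c -o stack_demo
 *
 * Assumed gdb session (all standard gdb commands):
 *
 *   gdb -q ./stack_demo
 *   (gdb) set disassembly-flavor intel    # Intel syntax, as used in the pictures
 *   (gdb) break copy_name                 # stop at the function with the buffer
 *   (gdb) run AAAAAAAA
 *   (gdb) disassemble                     # prologue: push ebp / mov ebp,esp / sub esp,...
 *   (gdb) info registers eip esp ebp      # instruction pointer, stack pointer, frame base
 *   (gdb) x/24xw $esp                     # 24 words from the stack pointer upward
 *   (gdb) x/2xw $ebp                      # saved EBP, then the return address
 *   (gdb) nexti                           # one instruction at a time
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_LEN 16

/* Bounded copy into a fixed 16-byte stack buffer. Returns the number of bytes
 * stored (excluding the terminator), so an over-long input is visibly truncated
 * instead of spilling over the saved EBP and the return address above buf. */
__attribute__((noinline)) size_t copy_name(const char *src)
{
    char buf[BUF_LEN];
    size_t n = strlen(src);

    if (n > BUF_LEN - 1)
        n = BUF_LEN - 1;            /* leave room for the terminator */
    memcpy(buf, src, n);
    buf[n] = '\0';
    printf("copied %zu bytes into a %d-byte buffer at %p\n", n, BUF_LEN, (void *)buf);
    return n;
}

/* Stores the address of one of its own locals; noinline so it gets a real frame. */
__attribute__((noinline)) static int callee_local_addr(uintptr_t *out)
{
    volatile char marker = 0;
    *out = (uintptr_t)&marker;
    return marker;
}

/* Returns 1 if a callee's local sits at a lower address than the caller's,
 * i.e. the stack grows downward, as it does on x86 and x86-64. */
int stack_grows_down(void)
{
    volatile char caller_marker = 0;
    uintptr_t callee_addr = 0;

    callee_local_addr(&callee_addr);
    return callee_addr < (uintptr_t)&caller_marker;
}

int main(int argc, char **argv)
{
    /* constructed default input when no argument is given on the command line */
    const char *name = argc > 1 ? argv[1] : "AAAAAAAA";

    printf("stack grows down: %s\n", stack_grows_down() ? "yes" : "no");
    copy_name(name);
    return 0;
}
```

Once stopped at the breakpoint, `x/24xw $esp` shows buf, then the saved EBP and the return address at `$ebp` and `$ebp+4`; feeding the program more than 15 characters lets you watch the copy stop short of them, which is the boundary the later parts of the series are about.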

References

Aleph1's "Smashing the Stack for Fun and Profit"
Jon Erickson's "Hacking: The Art of Exploitation"
"Buffer Overflow Demystified" by murat
"The Shellcoder's Handbook"
Part 2 of "Attack on Stack"
Part 3 of "Attack On Stack"
Part 4 of "Attack On Stack"
Part 5 of "Attack On Stack"
Part 6 of "Attack On Stack"
Prelude to Reverse Engineering: IDA and Hopper Binary Patching Introduction

Side Note to Null Byte Users

Hey everyone! How's it going?

I've just completed my latest job. All the pictures to upload (around 90) are ready. I only miss some after notes and previews, but there's time.

I've been working so hard on this I literally blew up my computer's keyboard (t and n keys are gone).

I'm planning to publish a little less frequently than weekly. What do you think? Even though you don't know how many parts this guide is divided into, would it be considered spamming? Also, admins, if you have to delete this for any reason: do it, it's your job. But please provide me another way to publish it.

I'd like to sincerely thank the entire community of Null Byte. Everyone.

These are complicated days for me (nothing special, just life, like everyone else has their own things to do), but whenever I feel tired or unmotivated, I remember this community. I remember all of you who, while having your own lives, contribute to making this "thing" grow bigger and bigger. And bigger. Brian posted some amazing statistics lately; we are rocking, guys! A lot of new people have been joining Null Byte lately, and some of them publish very interesting content. Don't stop!

I'm so excited to be part of this. To be fair, I had been looking for a community to contribute to for so long. First YouTube, where I used to record piano covers. Unfortunately, the world was full of those, and I had no original content to offer.

When I published my first article here (which was not that long ago, around 10 months), the very first kudos I got made my day shine like never before. You are making my days shine like never before every day. My English has finally reached an acceptable level, enough to be understood on the internet (I guess), thanks to the need to communicate.

I'd like to give special thanks to the user CyberHitchHiker for supporting me and making things clear when they were not. He was the one who told me not to give this up. Those days were hell for me. I followed his advice, and I'm so proud of this. Sincerely, thanks.

So yeah, people, thanks for believing in 00byte!

Can you guess the main theme of the guide?


19 Comments

I like the way you write. Fantastic!!!
Whether you write articles monthly or yearly, they are always cool and well explained.

Well done. (There is no way to give more than 1 kudos, so I guess you can have 1.)

# Sergeant

Like, seriously? That made my day man!
I don't actually write frequently, and I sure don't write in English.
It's the magic of Null Byte.
Btw, thanks Sergeant.

Good Job, Ciuffy!

Hope life allows you to continue to be a valuable part of our community.

Thanks, I guess life will allow me to stick around enough to annoy you all.

You've clearly put a lot of effort into this, and I'm glad you did, it's very informative. And with the English, I was able to understand everything just fine. I'm very interested in this topic myself, so I look forward to more of this.

Thanks. So I think you are going to have fun with this; check the links too!

You are the greatest!
"I'd like to give special thanks to the user CyberHitchHiker"
My honor, my friend. Congrats on your newfound talents.

Thanks, Null Byte is the greatest.

The only thing I suggest is to watermark your images.

I don't know why I didn't think about it. Will do it ASAP.

I've told you before and I'll say it again, your English is fantastic, worlds better than people I meet every day.

You've done a fantastic job on this and, like OTW, I also hope you're able to stick around and continue to contribute.

With that said, do you have a link for these statistics? I had a look around and couldn't find anything.

EDIT: I also wanted to note that I'm so glad you found the community you were looking for. Happy to have you here, you're a very valued member here, in my opinion anyway.

ghost_

Overwhelming, speechless! Thanks!

For the statistics, I was referring to Bryan's report on WHT 2014 and the views that our posts get.

Awesome! Thank you for this! I'm really excited to dive deeper into this topic. Plus your English is great! Better than mine, and I am a native speaker haha. Sad but true :/

Thank you for the feedback!
Well, I'm quite excited to publish the entire job too; I hope you will enjoy it.
I just need to figure out how frequently I should publish the parts.

This is awesome, I just started checking out your links. Glad I found this website. I am new to this stuff and want to learn a lot.

Have a nice stay ;-)

Where are you from? From some of your sayings, I suspect you may be Italian? In fact I actually have some Italian friends, so I know a little.

You are a great shark :P I think you may be making me some shoes right now :)

It's public knowledge that I am Italian. Is it so obvious?

Hey there, Ciuffy,

If you're still wandering around here, may I ask you a couple of questions?

  1. Did you write that C code by yourself?
  2. If so, may I have permission to use it in one of my future articles?

By the way, absolutely amazing series on stack smashing, hopefully I'll be able to clear things up if people still have trouble understanding.

dtm.
