Basics Of Binary Exploitation

If you are interested in getting started with binary exploitation, this is a good place to begin. Binary exploitation may seem like a strange topic, but once you start doing it you will not want to stop. To get started you need to know how process memory is organised and how the stack is framed.
Process memory is mainly divided into three regions: the Text region, the Data region and the Stack region.


The Text region holds the program's executable code (the instructions loaded from the executable file). It is read-only: if you try to write to it, the program is killed with a segmentation violation.

For ease of understanding, the Data region is divided into three segments: Data, BSS and Heap. The Data segment holds the global and static variables used in the program, and is further classified into two areas: a read-only area and a read-write area. The BSS segment (uninitialized data) holds the global and static variables that are initialized to zero (or given no explicit initializer). The Heap is where dynamic memory allocation takes place, managed through malloc, free, realloc and friends.

The stack is an abstract data type with LIFO ("Last In First Out") behaviour, and its operations are controlled by the kernel. It is a contiguous block of memory whose bottom is fixed at the higher memory address, so it grows toward lower addresses. There are two operations on this collection of data: "push", which adds an entity to the top of the stack, and "pop", which removes the entity on top. The register pointing to the top of the stack is the Stack Pointer (SP), which changes automatically with every push and pop; the register pointing to the bottom of the current frame is the Base Pointer (BP). With a small piece of code we will see how the stack is framed.

#include <stdio.h>

int add(int, int);

int main(int argc, char **argv)
{
    int i = 3;      /* locals of main live in main's stack frame; values given so they are not read uninitialized */
    int j = 4;
    int sum;

    sum = add(i, j);                            /* the call pushes j, i and then the return address */
    printf("Sum of two numbers = %d\n", sum);   /* assume this instruction (the return address for add) is at 0xbfff8866 */

    return 0;
}

int add(int i, int j)
{
    int sum = i + j;    /* local of add, placed in add's own frame below the saved base pointer */

    return sum;
}

[Image: stack frame layout for the program above]

The image above shows how the stack is framed for this program.
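To make the frame concrete, here is an added example (my own code, not part of the original post) that models the 32-bit x86 call stack in a small array and walks through "sum = add(i, j)" from the program above, so you can see where the arguments, the return address, the saved base pointer and the local end up. The stack top address STACK_TOP and the return address 0xbfff8866 are assumed values.

```c
/* Added example, not from the original post: a small model of the 32-bit x86 call stack
 * walking through "sum = add(i, j)" from the program above, showing where add's arguments,
 * return address, saved base pointer and local land. STACK_TOP and 0xbfff8866 are assumed. */
#include <stdint.h>
#include <stdio.h>

#define WORD        4u
#define STACK_WORDS 64u
#define STACK_TOP   0xbfffa000u   /* assumed: one past the highest address of the simulated stack */
static uint32_t mem[STACK_WORDS];  /* simulated stack memory, one 32-bit word per slot */
static uint32_t esp = STACK_TOP;   /* stack pointer: address of the most recently pushed word */
static uint32_t ebp = STACK_TOP;   /* base pointer: fixed reference point of the current frame */
static uint32_t *slot(uint32_t addr) { return &mem[(addr - (STACK_TOP - STACK_WORDS * WORD)) / WORD]; }
static void push(uint32_t v) { esp -= WORD; *slot(esp) = v; }  /* the stack grows toward lower addresses */
static uint32_t pop(void) { uint32_t v = *slot(esp); esp += WORD; return v; }
/* Caller side of sum = add(i, j) under cdecl: arguments pushed right to left, CALL pushes the
 * return address (the printf after the call), then add's prologue sets up the new frame. */
static void call_add(uint32_t i, uint32_t j, uint32_t ret_addr) {
    push(j);
    push(i);
    push(ret_addr);
    push(ebp);        /* push ebp     : save the caller's frame base */
    ebp = esp;        /* mov ebp, esp : add's frame starts here */
    esp -= WORD;      /* sub esp, 4   : reserve room for the local "int sum" */
}
/* Body of add: arguments and locals are reached at fixed offsets from ebp. */
static uint32_t run_add_body(void) {
    uint32_t i = *slot(ebp + 2 * WORD);   /* first argument  at ebp+8  */
    uint32_t j = *slot(ebp + 3 * WORD);   /* second argument at ebp+12 */
    *slot(ebp - WORD) = i + j;            /* local sum       at ebp-4  */
    return *slot(ebp - WORD);
}
/* Epilogue and return: leave (mov esp, ebp; pop ebp), ret (pop eip), caller discards the args. */
static uint32_t ret_from_add(void) {
    esp = ebp;
    ebp = pop();
    uint32_t ret_addr = pop();            /* the word just above the saved ebp */
    esp += 2 * WORD;                      /* caller removes i and j */
    return ret_addr;
}
int main(void) {
    call_add(3, 4, 0xbfff8866u);
    printf("sum@0x%08x saved-ebp@0x%08x ret@0x%08x i@0x%08x j@0x%08x\n",
           ebp - WORD, ebp, ebp + WORD, ebp + 2 * WORD, ebp + 3 * WORD);
    uint32_t sum = run_add_body(), ret = ret_from_add();
    printf("add returned %u, execution resumes at 0x%08x, esp back to 0x%08x\n", sum, ret, esp);
    return 0;
}
```

Note that the return address sits only one word above the saved base pointer and directly above add's local; that adjacency is exactly what the Aleph One article below exploits when a local buffer overflows.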

The best article to refer to is "Smashing The Stack For Fun And Profit" by Aleph One. It describes buffer overflows, a common kind of vulnerability found in C programs. In my next blog post I will describe how to use gdb (the GNU debugger).

I have published an article on this in OSFY.