Get colorful MAN page in Ubuntu

Getting colorful MAN in Ubuntu is very easy and it is also looks good.

You can have them by using the following commands:

sudo apt-get install most
export PAGER="most"  

Installing GDB -PEDA in Ubuntu

After facing many difficulties i installed GBD – PEDA, it’s is really awesome. It makes a lot of difference, if you have used older GDB.

First, install lib:
$sudo apt-get install libncurses5-dev

Than download it using GIT:

$git clone https://github.com/longld/peda.git ~/peda

After than you type the following command:

$echo “source ~/peda/peda.py” >> ~/.gdbinit

After following the above steps, Now type gdb. If you still get the older version than follow the below steps.

First remove the gdb version with:

 sudo apt-get remove gdb

Next download the old package from:

i386: http://security.ubuntu.com/ubuntu/pool/main/g/gdb/gdb_7.4-2012.02-0ubuntu2_i386.deb

amd64: http://security.ubuntu.com/ubuntu/pool/main/g/gdb/gdb_7.4-2012.02-0ubuntu2_amd64.deb

Install the package with any package manager you like e.g the ubuntu software center

Now gdb-peda works.

CPU Registers and their functionality

Registers are the internal memory locations which are used as variables.  Using registers instead of memory to store values makes the process faster. Very broadly there are four types of Registers they are General purpose registers, index registers, segment registers, pointer registers, and indicator register.

General purpose registers:

EAX, EBX, ECX, EDX.

Index registers:

ESI, EDI.

Segment registers:

CS, DS, ES, FS, GS, SS.

Pointer registers:

EIP, ESP, EBP.

Indicator register:

EFLAGS.

Functions of some Registers:

Register             Function

EAX                 Stores the return value.

EBX                  Base pointer for memory access.

ECX                  Counter for loop counter and strings.

EDX                 io pointer and arithmetic.

ESI                   source pointer for string operations

EDI                   Destination pointer for string operations

EIP                   Points to next instruction address to be executed.

ESP                  Stack pointer

EBP                 Base pointer and holds the base address of the stack.

Basics Of Binary Exploitation

Those who are interested in starting up with binary exploitation this is the best blog to start up with. Binary exploitation seems to be like a strange topic but ones when you start doing it then you will not stop doing it. Basically to get started up with binary, you need to know how the Process memory is organised and how the stack is framed.
Processes are mainly divided into three regions:Text region, Data region, and Stack region.

Text region contains the data of program and the executable file. You can only read the data and if you to try to write the data it will throw you segment violation.

For the easy way of understanding Data segment is divided into three segments:Data, BSS and Heap. Data region contains global and static variables used in the program. The segment is further classified into two areas they are: read-only data and read-write area. BSS segment (Uninitialized data) all global variables and static variables that are initialized to zero.Heap is usually managed by malloc,free,realoc etc where the dynamic memory allocation is done

Stack is a  type of abstract data type.and it is a LIFO which means “Last In First Out”. The entire operations of the stack is controlled by kernel. It is a continuous block of memory containing data in which the bottom of the memory is fixed (higher memory address).  Mainly there are two operations in collection of data they are ‘push’ and ‘pop’   addition of entity to the stack  is ‘push’ and subtraction of entity is ‘pop’. Register pointing to the top of the stack is Stack Pointer(SP) which changes automatically based on the operation and register pointing to bottom of the stack is Base Pointer(BP). With the help of small code we will see how the stack is framed.

#include<stdio.h>                                                                                                                                                                                                                 

int add(int , int);              

int main(int argc , char **argv )

 {                                                                                                                                                                                                                                              

           int  i ;

           int j;

           int sum;

           sum= add(i,j);                                                                                                                                                                                                                                             

           printf(“Sum of two numbers = %d”,sum);    //assume that the address is 0xbfff8866

           return 0;

}

int add(int i , int j)

{

          int sum=i+j;

          return sum;

}

The above given image describes, how the stack is framed for the above problem:

         

The best article to refer is “Smash The Stack For And Profit” written by Aleph One. That documentation describes about the Buffer Overflows which is a common kind of venerability found in C.  In my next blog I will describe how to use gdb(GNU debugger). 

I have published a article on this, that got published in OSFY.