Vulnerability Development mailing list archives

Re: regarding phrack49's stack smashing tutorial


From: dapatil () HOTMAIL COM (Darshan Patil)
Date: Mon, 15 May 2000 02:30:39 +0530


Hi,
The stack can start from any address actually. You get the same address
running your test programs because the stack hasn't changed much from the
value allotted to you. Try exporting a few variables or logging in as
another user and then run your test programs. The value of your stack pointer
will change.

Also the address you get does not map onto the physical RAM because it is
not supposed to. Read about Virtual Memory to understand it.

Also the zip file contains some documents on overflows.

Hope this helps

--Darshan

----- Original Message -----
From: Christian Hammers <ch () WESTEND COM>
To: <VULN-DEV () SECURITYFOCUS COM>
Sent: Sunday, May 14, 2000 12:26 AM
Subject: regarding phrack49's stack smashing tutorial

Hello list

I'm learning about stack overflows from Aleph's article in Phrack #49.

Now I wonder about the following sentences:
"The answer is that for every program the stack will start at
the same address."
Why does it, and more specifically, *where*? I wrote some test programs and
saw that it is always 0xbffff6c6 +- 0xff. But it changes sometimes.
What is so special about this 0xbffffffff address and by the way
this address never fits into my 64M memory.... !

If anybody knows other documents which explain buffer overflows I would
appreciate any information.

thanks,

 -christian-

--
Linux - the choice of the GNU generation.          Join the Debian Project
                                                     http://www.debian.org
Christian Hammers * Oberer Heidweg 35 * D-52477 Alsdorf * Tel: 02404-25624
50 3C 52 26 3E 52 E7 20  D2 A1 F5 16 C4 C9 D4 D3  1024/925BCB55 1997/11/01


Attachment: stack.zip (application/x-zip-compressed)
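An added example, not part of either message or of the attachment: a C program showing why exporting variables moves the stack pointer, assuming Linux, where execve() copies the environment strings and their pointer array to the top of the new process's stack before main() runs. The function names are hypothetical, alignment padding is ignored, and on kernels with address space layout randomization the absolute addresses also differ on every run.

```c
/* Added example (not from the thread). Assumption: Linux process layout,
 * with the envp strings and pointer array placed above main()'s frame. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

extern char **environ;

/* Bytes the environment occupies at the top of the stack: every string
 * with its NUL terminator, one pointer slot per entry, and the NULL slot
 * that terminates the envp array. Alignment padding is not counted. */
size_t env_stack_footprint(char *const envp[])
{
    size_t bytes = sizeof(char *);              /* terminating NULL slot */
    for (size_t i = 0; envp[i] != NULL; i++)
        bytes += strlen(envp[i]) + 1 + sizeof(char *);
    return bytes;
}

/* Approximate number of bytes by which main()'s frame starts lower when
 * the environment changes from old_env to new_env (negative: higher). */
long predicted_stack_shift(char *const old_env[], char *const new_env[])
{
    return (long)env_stack_footprint(new_env)
         - (long)env_stack_footprint(old_env);
}

int main(void)
{
    int local = 0;                              /* lives in main()'s frame */
    uintptr_t frame = (uintptr_t)&local;

    /* A virtual address: it says nothing about how much RAM is installed. */
    printf("address of a local in main(): %p\n", (void *)&local);
    printf("environment footprint:        %zu bytes\n",
           env_stack_footprint(environ));
    if (environ[0] != NULL)                     /* env strings sit above the frames */
        printf("first env string is %ld bytes above that local\n",
               (long)((uintptr_t)environ[0] - frame));
    return 0;
}
```

Run it once, export a long variable in the shell, and run it again: the footprint grows by the variable's length plus a pointer slot, and the local's address drops by about the same amount when randomization is disabled.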

