I accept my fault here at <+8>
I accept my fault here at <+8>
Guys, I am stuck at only one point:-
0x08048485 <+17>: lea -0xc(%ebp),%eax
0x08048488 <+20>: mov %eax,(%esp)
0x0804848b <+23>: call 0x8048374 <gets@plt>
0x08048490 <+28>: lea -0xc(%ebp),%eax
0x08048493 <+31>: mov %eax,(%esp)
0x08048496 <+34>: call 0x80483a4 <puts@plt>
Why the hell does it get the -12 offseted bytes and places it just under the stack. And again the same thing it does before putting it to screen.
well, anyways cya in the evening. I'll try to post the vid.
The argument for gets() and puts() is the address of the buffer which is at an offset -0xc from ebp more precisely the buffer starts @ address ebp-0xc. About the mov %eax,(%esp) part, it is equivalent to pushl %eax . All it does is pass the parameter for the gets() and puts() .
Last edited by sebas_phoenix; 09-05-2012 at 01:24 PM.
@marc_kriss - Hey buddy, that's the nice work you're doing here. Really appreciate your efforts. The day I'll start learning assembly, yours and SecurityTube's vidoes will be in my must watch list.
Cheers.
Regards,
RahulB
Anyone who stops learning is old, whether at twenty or eighty. Anyone who
keeps learning stays young. The greatest thing in life is to keep your mind young.
- Henry Ford
Thanks Rahul...It is really an honor to have such complement. But these videos are based on what i learnt from Vivek Ramachandran videos and an E-book (mentioned by B0nd)- Assembly programming from ground up.
Last edited by marc_kriss; 09-05-2012 at 09:56 PM.
An introductory video on buffer overflow, its detection and protection by Operating System.
Assembly programming- understanding buffer overflows part-1
Assembly programming understanding buffer overflows part 1 - YouTube
The second part is quite struggling because OS is not allowing me to overwrite the return address and divert it with my own function. May be when i find other ways of vulnerability into it.
Assembly programming- understanding buffer overflows part-2:-
http://youtu.be/D90pvvI66f4
Last edited by marc_kriss; 09-07-2012 at 12:03 AM.
hey marc_kriss,
thanx a lot for the videos! i've been always meaning to learn assembly language. These videos would be helpful for me.![]()
Hello friends...A question to all mates out there. Is this knowledge enough for signing up for PWB(training course for OSCP) ? In fact i started learning Assembly for preparing for PWB. Though I tried to leave some help for beginners in assembly as i learnt. About my prep! - i have full knowledge of CCNA, decent C,C++, python, CEH (not advanced), learnt Redhat linux. So do you advice me to proceed for signing up for PWB?