Buffer overflow (simple ROP technique)

I wrote an article explaining a simple ROP method.
I know there are articles out there explaining these things, but what I believed they were lacking is that they didn't take the time to get into much detail. So I thought I should give it a go.
So you can take a look at it and tell me what you think.

Very nicely done, thank you for that. We need more stuff like this as a community, more shared knowledge, especially for things we once found difficult that we now understand intimately.

Thank you for taking the time to read it. Yeah, for me buffer overflows were something that I always tried to avoid out of fear, but now I can see that once you invest the right time in it, it is actually pretty simple.
So the purpose of my article is kind of an encouragement for other people to start learning these kinds of concepts and not shy away like I did once, as this knowledge is easily comprehensible.

Awesome article! Thanks for taking the time to explain every little detail, this really helps understanding.

Amazing article mate! I really liked it! Btw, do you have any books or resources to recommend about binary exploitation etc.?

Thanks for this article!
Very interesting! Keeping it in my bookmarks.

@DaChef Yeah, I have a few, here:

As with everything, an introduction is required.

Intro articles:

(Anatomy of a program)
Anatomy of a Program in Memory | Many But Finite

(How Stack works 1:)
Journey to the Stack, Part I | Many But Finite

(Again another article explaining the stack in great detail)
http://cryptroix.com/2016/10/16/journey-to-the-stack/

This is one of my first videos to understand the concept of buffer overflows:

Papers:

(Basic stack buffer overflow)
https://www.exploit-db.com/docs/english/28475-linux-stack-based-buffer-overflows.pdf

(Ret2libc)
https://www.exploit-db.com/docs/english/17131-linux-exploit-development-part-3---ret2libc.pdf

(ASLR bypass, ASCII armor bypass + ret2plt)
https://www.exploit-db.com/docs/english/17286-linux-exploit-development-part-4---ascii-armor-bypass-return-to-plt.pdf

(Ret2reg - ASLR bypass)
https://dl.packetstormsecurity.net/papers/attack/lewt2-aslrbypass.pdf

I believe that should get you going for a while :slight_smile:

Thanks for the article and the links.

@avetamine said:
@DaChef Yeah, I have a few, here:

As with everything, an introduction is required.

Intro articles:

(Anatomy of a program)
Anatomy of a Program in Memory | Many But Finite

(How Stack works 1:)
Journey to the Stack, Part I | Many But Finite

(Again another article explaining the stack in great detail)
http://cryptroix.com/2016/10/16/journey-to-the-stack/

This is one of my first videos to understand the concept of buffer overflows:

Papers:

(Basic stack buffer overflow)
https://www.exploit-db.com/docs/english/28475-linux-stack-based-buffer-overflows.pdf

(Ret2libc)
https://www.exploit-db.com/docs/english/17131-linux-exploit-development-part-3---ret2libc.pdf

(ASLR bypass, ASCII armor bypass + ret2plt)
https://www.exploit-db.com/docs/english/17286-linux-exploit-development-part-4---ascii-armor-bypass-return-to-plt.pdf

(Ret2reg - ASLR bypass)
https://dl.packetstormsecurity.net/papers/attack/lewt2-aslrbypass.pdf

I believe that should get you going for a while :slight_smile:

Thanks a lot! I've seen the video too, it was really mind-opening!!

@DaChef I'm glad it helped you :wink:

Thanks for the documentation.