Shell code exploit with Buffer overflow

shashank Jain
Jul 2, 2018

Continuing from the previous blog on the life of functions on the stack (https://medium.com/@jain.sm/life-of-functions-on-stack-9a5479e1a2ff), here we explain how a buffer overflow on the stack can be orchestrated.

It is an exploit that corrupts memory in order to divert the normal flow of execution of a program. This is achieved by taking control of the instruction pointer.

Let's start with a very basic understanding of buffer overflows. A buffer overflow is a condition where the program writer forgets to perform a bounds check on the buffer size, which allows the attacker to supply more data than the buffer can hold. The excess data then spills into adjoining memory areas. In the stack layout explained in the last blog, if such a vulnerability exists, the buffer can be made to overflow so that it writes over the memory location holding the return address.

Take the example below:

#include <string.h>

void copyData (char* data)
{
    char buff[10];
    strcpy(buff, data);   /* no bounds check: any input longer than 9 characters overflows buff */
}

int main (int argc, char *argv[])
{
    if (argc < 2)         /* argv[1] is NULL without an argument */
        return 1;
    copyData(argv[1]);
    return 0;
}

The function copyData takes a character string as input and, using the strcpy function, copies it into a 10-byte buffer. strcpy copies until it reaches the terminating NUL of the source and never looks at the size of the destination, so the length of buff is never checked.
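The following is an added example, not code from the original post: it places the post's unbounded copyData next to a bounded version, so the difference a length check makes is visible in one file. The names copy_bounded and copyDataSafe are assumptions made here; the rule they implement is simply that the input, including its terminating NUL, must fit in the destination or the copy is refused.

```c
#include <stdio.h>
#include <string.h>

#define BUFF_SIZE 10

/* Vulnerable version from the post: strcpy copies until the source's
 * NUL terminator, regardless of how large buff is. Any input of 10 or
 * more characters (plus the terminator) writes past the end of buff
 * into adjacent stack memory. */
void copyData(char *data)
{
    char buff[BUFF_SIZE];
    strcpy(buff, data);   /* no bounds check */
}

/* Hardened version (added here, not from the post): refuse input that
 * does not fit, counting the terminating NUL. Returns 0 on success and
 * -1 when the input was rejected. dst is always left NUL-terminated. */
int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;

    /* Measure the source, but never scan further than dst_size bytes:
     * a very long input should cost bounded time, not bounded memory. */
    size_t len = 0;
    while (len < dst_size && src[len] != '\0')
        len++;

    if (len >= dst_size) {      /* no room left for the NUL terminator */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, len + 1);  /* len + 1 copies the terminator too */
    return 0;
}

/* Wrapper with the same shape as copyData: returns 1 when the input was
 * copied into a BUFF_SIZE buffer without overflow, 0 when it was rejected. */
int copyDataSafe(const char *data)
{
    char buff[BUFF_SIZE];
    return copy_bounded(buff, sizeof buff, data) == 0;
}

int main(int argc, char *argv[])
{
    if (argc < 2) {
        fprintf(stderr, "usage: %s <string>\n", argv[0]);
        return 1;
    }
    if (copyDataSafe(argv[1]))
        printf("copied %zu bytes safely\n", strlen(argv[1]) + 1);
    else
        printf("rejected: input does not fit in %d bytes\n", BUFF_SIZE);
    return 0;
}
```

With a 10-byte buffer the longest string that fits is 9 characters, because the tenth byte is needed for the terminator; copyDataSafe reports exactly that boundary, while copyData silently overruns it. The same check could be expressed with strncpy or snprintf, but the explicit form above makes the rejected case, and the guaranteed terminator, easy to audit.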

As discussed in the last blog, a call to copyData results in
