I'm going to plug my buddy Craig's really good paper on Smashing the modern stack which is an update for Aleph One's Smashing The Stack For Fun And Profit'.
From the forward:
When it comes to buffer overflows, 'Smashing The Stack For Fun And Profit' by Aleph One is still the first resource many people are directed towards, and for good reason; it is thorough, well written, and chock-full of examples. However, the GNU C compiler has evolved since 1998, and as a result, many people are left wondering why they can't get the examples to work for them, or if they do get the code to work, why they had to make the changes that they did. Having these same problems myself, and being unable to find an updated version of Aleph One's document on the web, I set out to identify the source of these variations on my own.
Link: http://www.craigheffner.com/security/stacksmash.html
No comments:
Post a Comment