1. Если вы только начинаете программировать на ассемблере и не знаете с чего начать, тогда попробуйте среду разработки ASM Visual IDE
    (c) на правах рекламы
    Скрыть объявление

STACK doubts

Тема в разделе "WASM.ENGLISH", создана пользователем ipwn, 16 фев 2009.

  1. ipwn

    ipwn New Member

    Публикаций:
    0
    Регистрация:
    22 дек 2008
    Сообщения:
    35
    i have some basic questions to ask related to the stack

    1) what is the stack? just an abstract data type and data structure? or its part of memory(hardware of computer)?

    2) how can i manipulate the stack?

    3) what vulnerabilities exist/exploit the stack?

    4) what degree of knowledge need a person in order to exploit vulnerabilities related to the stack?
     
  2. simnet_

    simnet_ New Member

    Публикаций:
    0
    Регистрация:
    18 дек 2007
    Сообщения:
    109
    Right, stack is an abstract data type (or data structure - as you wish). But it is so convenient to use (much more then ordinary variables), so some commands to manipulate with it were built into processor (thus they perform faster - its hardware implementation!).
    actually stack - is just an area of memory (and you can write there, or read bytes just like any other memory part), but using its benefits (when you put smth in there using PUSH my_word or POP my_word) you can achive some intresting results. For example, imagine u call a function from your program. you write (in C language) my_function_name(). When CPU reaches that, it puts the address of the next command (that should've been executed) into stack, and jumps to the address of the function entry. When the function's end is reached, CPU just POP's saved address from stack and jump over there. So the function call in your code looks like just a one CPU command. If you've a function func1, which calls func2, and that one calls func3, CPU simply PUSHes address (where to return) into stack, and after every function is finished it POPs that address.
    And yes, the local variables of your function for some reasons are stored into stack also. So writing to the variable more data then a variable can handle (for example, if this variable is an array of 10 elements, and you write in your code smth like myarray[11] = 0) may "damage" the data into stack, that doesn't correspond to that variable. For example, that returning address from a function. If you "damage" it smartly, you can make a function return to the specified by you address. For example, special code, that...
    its classical vulnerability, and almost its impossible to find out these one in a real world (its too well known :)), and there are some others.
    What do you need? You need to learn assembly, need to know how do these functions called and executed, know CPU intructions, you need know some programming languages. And you've to be intrested its not easy
    Have fun
     
  3. deLight

    deLight New Member

    Публикаций:
    0
    Регистрация:
    26 май 2008
    Сообщения:
    879
    ipwn
    At first u need to stop asking so primitive questions and learn how to learn it by your own.
     
  4. ipwn

    ipwn New Member

    Публикаций:
    0
    Регистрация:
    22 дек 2008
    Сообщения:
    35
    simnet_,
    thank you very much for providing some answers.
    deLight,
    i prefer to ask to the persons who know the right answers, about the questions, they can be "newbie", "primitive", i really dont care, if i have doubts why not asking to persons/places where they can give answers? im not interesting in answers such as "use google", im interesting in listening diferent answers/solutions by the persons who have experience. about learning by own, it a task that spend time, and since you already talk about it, please give some sugestions or rules that should be followed in order to achieve knowledge.
     
  5. deLight

    deLight New Member

    Публикаций:
    0
    Регистрация:
    26 май 2008
    Сообщения:
    879
    ipwn
    Mmm.. I think that's much more faster even to google smth, than to wait for answer on forum.
    Any stack doubts disappearing after a few pages of any asm-manual (a half of which will be picture of stack with strange arrows and numbers).

    > im not interesting in answers such as "use google", im interesting in listening diferent answers/solutions by the persons who have experience.

    For nothing. What different solutions in so primitive basics?? You can ask for ABC any first-former as well as professional linguist with ages of experience, can't u? But that is another matter when u know ABC and wish to understand, how to exploit one of your girlfriend's stack vulnerabilites to have some sex on weekend, right?? Only it this case you start appreciating... "mmm.. maybe it will be faster to ask on forum, cuz i've tried and still no results, still no books with explanation found".

    So.. as u've said... "it a task that spend time". Yes! But it's altho a task that makes u not so lazy as u are ,) That's only in my opinion of course.
     
  6. ipwn

    ipwn New Member

    Публикаций:
    0
    Регистрация:
    22 дек 2008
    Сообщения:
    35
    so, for the stack description i can read intel manuals.
    still no further explanation about the buffer.
    can someone explain the difference between the buffer and the stack?
    also, maybe provide source code samples for a better understanding? it would be nice =)
     
  7. SL7549

    SL7549 New Member

    Публикаций:
    0
    Регистрация:
    24 мар 2009
    Сообщения:
    17
    buffer is a part of memory that can be stored in the stack or in any other place. if it's stored in the stack and for example user inputs more data than the buffer's size (i.e. size of reserved part of the stack for the buffer) the return address may be overriden and so on.
     
  8. green

    green New Member

    Публикаций:
    0
    Регистрация:
    15 июл 2003
    Сообщения:
    1.218
    Адрес:
    Ukraine
    ipwn
    You require no specific knowledge to just exploit those vulnerabilities. There are many ready to use utils - all you need is to run such utility and specify a victim. But if you really want to understand how things work and develop your own exploits you will need understand architecture of the target CPU, operating system and application. And of course general programming background is required.
    Often while studying all those things a person realizes that there are better goals for his knowledge and skills. :derisive:
     
  9. ipwn

    ipwn New Member

    Публикаций:
    0
    Регистрация:
    22 дек 2008
    Сообщения:
    35
    can someone provide pratical examples?(source code samples in c)

    i know, im not interested in this toys.
    architecture of CPU - x86
    operating system - unix,win
    application - daemons,etc