Exploiting a stack overflow vulnerability with Metasploit
A stack is a memory region where all of the return addresses, function parameters, and local variables of the function are stored. It grows downward in memory (from a higher address space to a lower address space) as new function calls are made. A simple example of how the stack is utilized by a program is as follows:
void somefunction(int x, int y) { int a; int b; } void main() { somefunction(5, 10); printf("Program Ends"); }
In the preceding code, we can see that the very first line of the program makes a function call to somefunction
with two integer parameters, which are 5 and 10. Internally, this means that before making a jump to somefunction
, our EIP register points to the address of somefunction
in the memory. What happens next is that control is passed onto somefunction
and after its execution completes, the...