Stack smack – introducing buffer overflows
Earlier in the chapter, we learned about the magical world of the stack. The stack is very orderly and its core design assumes all players are following its rules – for example, that anything copying data to the buffer has been checked to make sure it will actually fit.
Note
Although you can use your latest Kali Linux to set this up and study the stack and registers, stack execution countermeasures are built into the latest releases of Kali. We recommend using a different flavor of Linux (or an older version of Kali or BackTrack) to see the exploit in action. Regardless, we'll be attacking Windows boxes in Chapter 10, Windows Shellcoding.
Before we start, we need to disable the stack protections built into Linux. Part of what makes stack overflows possible is being able to predict and manipulate memory addresses. However, Address Space Layout Randomization (ASLR) makes this harder, as it's tough to predict something that's being randomized. We'll discuss...