Interactive guide to Buffer Overflow exploitation

bordplate | 169 points

I hope somebody else remembers "Smashing the stack for fun and profit" by Aleph1.

antirez | 4 years ago

I love the latest commit messages at the emulator repo :)

"Fuck you JavaScript, an array with 1 int in it is not a fucking number. Why are you like this you piece of rotten garbage"

I share your hatred :)

A very nice guide and introduction both to x86 asm and buffer overflow. Thanks for this.

s5ma6n | 4 years ago

The cute little emulator, which was linked in the article: https://github.com/bordplate/js86. I am curious how they came up with the ABI for variadics, though…

saagarjha | 4 years ago

Someone should contact https://explorabl.es/ because this seems like an explorable exploration!

mettamage | 4 years ago

There is one thing here that I don't really understand:

In the first 2 examples, it says:

"If you pop (fetch) a value from the stack, RSP decreases by 8"

But when I step through it, it seems to add 8 on a pop, not subtract (and vice versa for push), or am I missing something?

pelliphant | 4 years ago
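The push/pop direction question above is easy to settle empirically. The following is an added example, not code from the guide or from the js86 emulator: it models the x86-64 stack in plain C (8-byte slots, growing toward lower addresses, so PUSH does RSP -= 8 and POP does RSP += 8) and, when built with GCC or Clang on an x86-64 machine, measures the same deltas on the real RSP with inline assembly. The 128-byte adjustment around the real PUSH is an assumption about the SysV ABI red zone, which the compiler may use for live data below RSP; on non-x86-64 builds the hardware functions fall back to the model.

```c
// Added example: x86-64 stack direction. PUSH decrements RSP by 8, POP
// increments it by 8. Software model plus an inline-asm measurement
// (GCC/Clang, x86-64 only; other targets fall back to the model).
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Tiny software model of the x86-64 stack: 8-byte slots, grows downward. */
typedef struct {
    uint8_t  mem[64];   /* backing memory; the stack "top" starts at the end */
    uint64_t rsp;       /* offset into mem, playing the role of RSP */
} StackModel;

static void model_init(StackModel *s) {
    memset(s->mem, 0, sizeof s->mem);
    s->rsp = sizeof s->mem;   /* empty stack: RSP points one past the last byte */
}

/* PUSH: RSP -= 8, then store the value at [RSP]. */
static void model_push(StackModel *s, uint64_t v) {
    s->rsp -= 8;
    memcpy(&s->mem[s->rsp], &v, 8);
}

/* POP: load the value at [RSP], then RSP += 8. */
static uint64_t model_pop(StackModel *s) {
    uint64_t v;
    memcpy(&v, &s->mem[s->rsp], 8);
    s->rsp += 8;
    return v;
}

/* Change in RSP caused by one PUSH on the model (returns -8). */
static long model_push_delta(void) {
    StackModel s; model_init(&s);
    uint64_t before = s.rsp;
    model_push(&s, 0x4141414141414141ULL);
    return (long)(s.rsp - before);
}

/* Change in RSP caused by one POP on the model (returns +8). */
static long model_pop_delta(void) {
    StackModel s; model_init(&s);
    model_push(&s, 1);
    uint64_t before = s.rsp;
    (void)model_pop(&s);
    return (long)(s.rsp - before);
}

/* LIFO check: three pushes come back in reverse order and RSP returns to
   its starting value. Returns 1 on success, 0 otherwise. */
static int model_lifo_ok(void) {
    StackModel s; model_init(&s);
    uint64_t start = s.rsp;
    model_push(&s, 1); model_push(&s, 2); model_push(&s, 3);
    int ok = model_pop(&s) == 3 && model_pop(&s) == 2 && model_pop(&s) == 1;
    return ok && s.rsp == start;
}

/* Same measurement on the real RSP. The lea -128 / +128 pair (assumption:
   SysV red zone) keeps the PUSH from clobbering data the compiler may keep
   below RSP. RAX is saved/restored by the push/pop pair itself. */
static long hw_push_delta(void) {
#if defined(__x86_64__)
    uint64_t before, after;
    __asm__ volatile (
        "lea -128(%%rsp), %%rsp\n\t"
        "mov %%rsp, %0\n\t"
        "push %%rax\n\t"
        "mov %%rsp, %1\n\t"
        "pop %%rax\n\t"
        "lea 128(%%rsp), %%rsp\n\t"
        : "=&r"(before), "=&r"(after) : : "rax", "memory");
    return (long)(after - before);
#else
    return model_push_delta();   /* not x86-64: fall back to the model */
#endif
}

static long hw_pop_delta(void) {
#if defined(__x86_64__)
    uint64_t before, after;
    __asm__ volatile (
        "lea -128(%%rsp), %%rsp\n\t"
        "push %%rax\n\t"
        "mov %%rsp, %0\n\t"
        "pop %%rax\n\t"
        "mov %%rsp, %1\n\t"
        "lea 128(%%rsp), %%rsp\n\t"
        : "=&r"(before), "=&r"(after) : : "rax", "memory");
    return (long)(after - before);
#else
    return model_pop_delta();    /* not x86-64: fall back to the model */
#endif
}

int main(void) {
    printf("model: push delta %ld, pop delta %ld, LIFO %s\n",
           model_push_delta(), model_pop_delta(), model_lifo_ok() ? "ok" : "BROKEN");
    printf("hw:    push delta %ld, pop delta %ld\n", hw_push_delta(), hw_pop_delta());
    return 0;
}
```

Both the model and the hardware path report -8 for PUSH and +8 for POP, which is why a buffer that overflows upward (toward higher addresses) walks from local variables into the saved frame pointer and return address that were pushed before the function's locals were allocated.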