Simple Stack Overflows
Stack overflows occur when a user passes data larger than the array designed to hold it. This causes values on the stack to be overwritten, including the saved instruction pointer. By using a debugger it is possible to determine the exact point at which the instruction pointer is overwritten, allowing the attacker to gain control of the process's execution. This is often mitigated with security controls such as Data Execution Prevention (DEP), Address Space Layout Randomization (ASLR), and Control Flow Guard (CFG), which have drastically increased the difficulty of exploit development over the years.
The following Exploit-DB page has an example of using a stack overflow in a web application to crash a web service: https://www.exploit-db.com/exploits/43200
Controlling EIP
Step 1: Determine where in the buffer overflow EIP is overwritten. This can be done by sending either a unique string of non-repeating 4-byte chunks, or by sending 400 of one character and 400 of another (repeat until discovered). Kali Linux has a built-in tool called msf-pattern_create which can be used to create the unique pattern.
# msf-pattern_create -l string_length
msf-pattern_create -l 1337
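To show how the unique-pattern step works under the hood, here is an added Python re-implementation of the msf-pattern_create / msf-pattern_offset logic (example code written for this page, not Metasploit's own). It assumes a 32-bit little-endian target, so a register value passed as an int is byte-reversed before it is searched for; the crash value used in the demo is constructed.

```python
import string
from itertools import product
from typing import Optional, Union

MAX_LEN = 26 * 26 * 10 * 3  # 20280: one pass through every Upper+lower+digit triple


def pattern_create(length: int) -> str:
    """Same sequence msf-pattern_create emits: 3-byte chunks 'Aa0', 'Aa1', ...,
    'Zz9'. Because no triple repeats, every 4-byte window is unique, so the
    4 bytes found in EIP map to exactly one position in the buffer."""
    if not 0 <= length <= MAX_LEN:
        raise ValueError(f"length must be between 0 and {MAX_LEN}")
    chunks = []
    for upper, lower, digit in product(string.ascii_uppercase,
                                       string.ascii_lowercase, string.digits):
        chunks.append(upper + lower + digit)
        if len(chunks) * 3 >= length:
            break
    return "".join(chunks)[:length]


def pattern_offset(pattern: str, value: Union[str, int]) -> Optional[int]:
    """Offset of the 4 bytes that landed in EIP, or None if they are not in
    the pattern (i.e. EIP was not overwritten by this buffer). `value` is
    either the 4 ASCII characters seen in memory or the register value as
    an int; for an int we assume a little-endian x86 target and reverse the
    bytes before searching."""
    if isinstance(value, int):
        needle = value.to_bytes(4, "little").decode("ascii", errors="replace")
    else:
        needle = value
    if len(needle) != 4:
        raise ValueError("need exactly 4 bytes to locate")
    idx = pattern.find(needle)
    return idx if idx != -1 else None


if __name__ == "__main__":
    buf = pattern_create(1337)
    # Constructed crash value: a debugger reporting EIP = 0x37654136 after the
    # 1337-byte pattern was sent; the bytes as laid out in memory read "6Ae7".
    print(buf[:30] + "...")
    print("EIP offset:", pattern_offset(buf, 0x37654136))  # 140
```

A result of None means the bytes in EIP did not come from this buffer, which is the first thing to rule out before trusting an offset.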