Buffer Overflow Primer Part 3 (Executing Shellcode)

Welcome to Part 3 of the Buffer Overflow Primer. If you have not already done so, please start this series by viewing Part 1. The Buffer Overflow Primer requires that you know at least some basic Assembly Language. I have created a series of Assembly Language video tutorials for Hackers here, for those not familiar with the language.

In the last video we saw how to create shellcode from assembly language code, this video will concentrate on how to execute the shellcode from within a C program to check that it is working properly. In order to do this, we will use the exit() shellcode which we created in the last video. We then use ShellCode.c to launch the shellcode. During this demo we will discuss how the main() function is actually invoked by the __libc_start_main routine, which sets up the environment for the program and also cleans up after main() returns. We will see how it is possible to change the return address on the stack (RET) to point to our shellcode and have it execute.

Vivek Ramachandran is a security evangelist and has been working in computer security related fields for the past 7 years. In 2007, Vivek spoke at world renowned conferences Defcon (WEP Cloaking Exposed) and Toorcon (The Caffe Latte Attack). The discovery of the Caffe Latte Attack was covered by CBS5 news, BBC online, Network World etc news agencies.In 2006, Vivek was announced as one of winners of the Microsoft Security Shootout contest held in India among 65,000 participants. He has also been a recipient of a Team Achievement at Cisco Systems for his work on 802.1x and Port Security modules on the Catalyst 6500 switches. Currently he spends all of his time maintaining Security- Freak.Net , SecurityTube.Net and is the co-founder of Axonize. Vivek, is a Bachelor in Electronics and Communications Engineering from the prestigious Indian Institute of Technology, Guwahati.You can contact him at vivek[at]securitytube.net