IDS Evasion Design Tricks for Buffer Overflow Exploits

IDS Evasion Design Tricks for Buffer Overflow Exploits

Black Hat via YouTube Direct link

Finding return address

25 of 32

25 of 32

Finding return address

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

IDS Evasion Design Tricks for Buffer Overflow Exploits

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Brief reminder
  3. 3 Simple illustration
  4. 4 Mismanaged bounds check
  5. 5 Size restrictions?
  6. 6 250 bytes example
  7. 7 Another design concept
  8. 8 Double injection
  9. 9 How to find descriptor
  10. 10 "Might" be possible?
  11. 11 Correct return address?
  12. 12 Pop another frame
  13. 13 Situation #1 illustrated
  14. 14 Calculate return address
  15. 15 Function calls
  16. 16 Why do they look like this?
  17. 17 Clean return requirement
  18. 18 Server
  19. 19 Initial injection
  20. 20 First payload
  21. 21 Find socket descriptor
  22. 22 Using the socket
  23. 23 Second payload
  24. 24 Still using the same socket
  25. 25 Finding return address
  26. 26 Code
  27. 27 Restore internal registers
  28. 28 Summary
  29. 29 Benefits
  30. 30 IDS Countermeasures
  31. 31 Other countermeasures
  32. 32 Questions?

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.