- Stack smashing is a form of buffer overflow
Concepts Needed:
- Basic C programming
- Memory and pointers
- The Stack and the Heap
- ASCII
- Endianness
Concepts Needed:
- C Calling Convention
- Execution pointers
- Processor registers
Concepts Needed:
- Text segments (how programs execute)
- Basic assembly programming (especially jumps)
- The NOP sled
Concepts worth covering:
- Code (text) and data separation in memory (DEP)
- Randomized address spaces (ASLR, PIE)
- Compiler protections against overflows (e.g. gets() warnings, stack canaries, Clang's SafeStack)
Examples of stack exploits or similar conceptual things in the wild:
- Heartbleed (unbounded reads of process memory by an unprivileged user)
- Super Mario World Speedruns!
- PoC||GTFO
- Phrack
- DEFCON and CTFs