I wrote a simple program with two functions that use local variables. The first function assigns predefined values to its locals; the second declares locals but never initialises them. The point was to show that the variables whose values are "undefined" actually always come out with known values. Here is the code:

#include <stdio.h>

And this is the output:

arturko@ARTURKO-NOTE ~/homework

So how is it possible that the values set in the first function always turn up in the variables of the second function? Let's take a look at the assembly of the first function:

(gdb) disas first

The three variables are stored in the 0x10 bytes just below the stack pointer, and before returning the function restores the stack pointer to its initial value (add rsp, 0x10). The stack itself no longer "knows" about the values used in first, but nothing overwrites them: they are still sitting in memory right next to the top of the stack. Now look at what happens when we call the second function:

(gdb) disas second

The second function uses exactly the same memory slots for its variables as first did (+8, +11, +14). That is why the "uninitialised" values are always predictable.
Now imagine that the first function reads a password, encrypts it and does whatever it needs to with it. It is tested and safe; there is no way to break it on its own. The second function, which runs right after the first, deals with low-risk data and is tested badly: it could have an overflow or a wrong printf usage. At this point the second function could help an attacker recover the unencrypted password from memory, because the first function left it in the very stack slots the second function now uses. The usual mitigation is for the first function to wipe its sensitive locals before it returns, so that there is nothing left over for the next frame to find. Looks like this book is really awesome if it made even me reverse this example myself and reach a logical conclusion.
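To make the mechanism and the mitigation concrete, here is an added example that is not the program from the original post. It mirrors the same setup (a function that initialises three locals, followed by one that declares three locals and never writes them) and adds a scrubbed variant of the first function. The function names, the "secret" values 4, 2, 7 and the noinline attribute are my own choices; GCC or Clang on x86-64 is assumed for the attribute and for the frame layout. Reading an uninitialised object is undefined behaviour in ISO C, so this is a demonstration of what the compiler actually emits, not something to rely on.

```c
#include <stdio.h>

/* Added example (not the original post's program).
 * Assumptions: GCC or Clang, x86-64. volatile keeps the locals in memory
 * and keeps the stores alive at any optimisation level; noinline keeps
 * each function in its own stack frame so the two frames really overlap.
 */
#define NOINLINE __attribute__((noinline))

/* The "sensitive" function: three locals hold a constructed secret. */
NOINLINE static void first(void)
{
    volatile int a = 4, b = 2, c = 7;   /* pretend this is the PIN 4-2-7 */
    (void)a; (void)b; (void)c;          /* ... use the secret ... */
    /* returns without clearing a, b, c: they stay in memory below rsp */
}

/* Same as first(), but wipes its locals before returning. Because the
 * variables are volatile the zeroing stores cannot be dropped as dead
 * stores, which is exactly what happens to a plain memset() of a dead
 * buffer under optimisation (hence explicit_bzero/memset_s in real code). */
NOINLINE static void first_scrubbed(void)
{
    volatile int a = 4, b = 2, c = 7;
    (void)a; (void)b; (void)c;
    a = 0; b = 0; c = 0;
}

/* The "sloppy" function: same frame shape, locals never initialised.
 * The sum is returned rather than the individual values because the order
 * in which a compiler assigns slots is not guaranteed; the sum is not
 * affected by that order. */
NOINLINE static int second(void)
{
    volatile int x, y, z;
    return x + y + z;
}

/* Call first() and second() back to back from the same stack pointer, so
 * second()'s frame lands exactly where first()'s was. Storing the result
 * in a volatile prevents a tail call into second(), which would put its
 * frame somewhere else. */
NOINLINE int leak_demo(void)
{
    first();
    volatile int seen = second();
    return seen;                    /* 4 + 2 + 7 = 13: the secret leaked */
}

NOINLINE int scrubbed_demo(void)
{
    first_scrubbed();
    volatile int seen = second();
    return seen;                    /* 0: nothing left to read */
}

int main(void)
{
    printf("second() after first():          sum = %d\n", leak_demo());
    printf("second() after first_scrubbed(): sum = %d\n", scrubbed_demo());
    return 0;
}
```

Compile it with and without optimisation (for example gcc -O0 and gcc -O2) and compare the disassembly of first and second with objdump -d or gdb's disas, as the post does: at -O0 both functions address their slots relative to rbp, at -O2 both use the red zone below rsp, and in either case the offsets match between the two functions. That matching layout, not luck, is why the "undefined" values are predictable, and why the scrubbed variant hands the next frame nothing but zeros.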
August 2016