This location says what instruction should be executed next.
If the variable C is filled with data coming from the user(from the network, from a file or from command line), the user might overwrite that EIP memory location.
This location says what instruction should be executed next.
In a very simple scenario, the new EIP would contain the address of the shellcode that is the malicious code that the attacker wants to run on the machine.
And understanding Buffer Overflow involves a good understanding of x86 architecture and stack works.
If you want to learn more about x86 architecture I recommend this book.
댓글 없음:
댓글 쓰기