- on x86, x64 and most other architectures the stack grows towards lower memory addresses
- stack frame layout, from higher to lower addresses: Function Parameters, Return Function (the return address), Base Pointer, Buffer
three gdb plugins for exploitation: pwndbg, GEF and peda
ropper = show binary information and find ROP and JOP gadgets to build chains for different architectures
pip install pwntools (cyclic, hex, unhex)
gdb pwndbg
https://github.com/pwndbg/pwndbg
parrot linux is a kali derivative (which in turn derives from debian)
- gcc vuln.c -o vuln -fno-stack-protector -z execstack -no-pie -m32
- "checksec --file=./vuln" to see which protections are enabled/disabled