Why Stack Overflows Happen
Key Takeaways
The video explains the conditions that make a stack overflow possible, a type of bug that can be exploited by hackers, with demonstrations and examples from Andrew Bellini, including a GitHub repository to try it out yourself.
Full Transcript
[Music] This one input to the sys call what's put into rdx is actually there to prevent buffer overflows from happening. But we need to explicitly tell the read sys call how many bytes will allow it to read in because it doesn't know the size of the buffer. So in this one like I have intentionally programmed this improperly in assembly where I'm going to allow 1,023 bytes to come in but we only have 512 on the stack allocated. So this is where in the program this vulnerability actually happens of like the poor coding. When this call gets run or when this call gets executed, what it's going to do is it's actually going to push onto the stack the return address of what's next. This is where that fundamental issue comes into play is that in the memory somewhere above the stack is where the next instruction is going to be executed. There's lots of protections in place, right, to try and stop that from being written to or accessed or jumped to code that it shouldn't. But like at the core of how processors work, like modern processors right now, it always there's no way to there's no way around that. So because of that then with our exploit if we overwrite the size of the stack plus 8 which is the caller's base pointer if we write anything past that it's going to go to the space in memory where the return address is. So when the when the program returns so if we actually go back to here to overflow me. So when we come here and we call return, essentially what this is doing is it's going to it goes and looks and grabs the address off of the stack above the stack that was written and it jumps to that. So it puts it in the instruction pointer. So that's essentially in a stack smashing attack and stack overflows what how we're going to uh impact this because once you have control over the instruction pointer then at that point now you have control over what the program is going to
Original Description
https://www.tcm.rocks/acad-ys - Get 50% off your first payment to the Academy as part of the TCM Security Summer Blowout! No promo code needed. Offer expires at 11:59 PM ET on June 30th.
What conditions make a stack overflow possible? Watch Andrew Bellini to see what must happen for this kind of bug to exist & how exploits can occur. As Bellini says, "Once you have control over the instruction pointer, then at that point, now you have control over what the program is going to do." Happy hacking!
Like this video? Be sure to subscribe to never miss a short, video, or livestream from the TCMS team!
Try it for yourself: https://github.com/digitalandrew/overflowme
#shorts #bufferoverflow #cybersecurity #thecybermentor #hacking #stackoverflow
Sponsor a Video: https://www.tcm.rocks/Sponsors
Pentests & Security Consulting: https://tcm-sec.com
Get Trained: https://academy.tcm-sec.com
Get Certified: https://certifications.tcm-sec.com
Merch: https://merch.tcm-sec.com
📱Social Media📱
___________________________________________
X: https://x.com/TCMSecurity
Twitch: https://www.twitch.tv/thecybermentor
Instagram: https://www.instagram.com/tcmsecurity/
LinkedIn: https://www.linkedin.com/company/tcm-security-inc/
TikTok: https://www.tiktok.com/@tcmsecurity
Discord: https://discord.gg/tcm
Facebook: https://www.facebook.com/tcmsecure
💸Donate💸
___________________________________________
Like the channel? Please consider supporting me on Patreon:
https://www.patreon.com/thecybermentor
Support the stream (one-time): https://streamlabs.com/thecybermentor
Hacker Books:
Penetration Testing: A Hands-On Introduction to Hacking: https://amzn.to/31GN7iX
The Hacker Playbook 3: https://amzn.to/34XkIY2
Hacking: The Art of Exploitation: https://amzn.to/2VchDyL
The Web Application Hacker's Handbook: https://amzn.to/30Fj21S
Real-World Bug Hunting: A Field Guide to Web Hacking: https://amzn.to/2V9srOe
Linux Basics for Hackers: https://amzn.to/34WvcXP
Python Crash Course, 2nd Edition: htt
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from The Cyber Mentor · The Cyber Mentor · 0 of 60
← Previous
Next →
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
Buffer Overflows Made Easy - Part 1: Introduction
The Cyber Mentor
Buffer Overflows Made Easy - Part 2: Spiking
The Cyber Mentor
Buffer Overflows Made Easy - Part 3: Fuzzing
The Cyber Mentor
Buffer Overflows Made Easy - Part 4: Finding the Offset
The Cyber Mentor
Buffer Overflows Made Easy - Part 5: Overwriting the EIP
The Cyber Mentor
Buffer Overflows Made Easy - Part 6: Finding Bad Characters
The Cyber Mentor
Buffer Overflows Made Easy - Part 7: Finding the Right Module
The Cyber Mentor
Buffer Overflows Made Easy - Part 8: Generating Shellcode and Gaining Shells
The Cyber Mentor
HackTheBox - Sunday Walkthrough (Re-Up)
The Cyber Mentor
Networking for Ethical Hackers - TCP, UDP, and the Three-Way Handshake (Re-Up)
The Cyber Mentor
Networking for Ethical Hackers - Network Subnetting (Re-Up)
The Cyber Mentor
Networking for Ethical Hackers - Network Subnetting Part 2: The Challenge (Re-Up)
The Cyber Mentor
Networking for Ethical Hackers - Building A Basic Network with Cisco Packet Tracer (Re-Up)
The Cyber Mentor
HackTheBox - Fighter Walkthrough (Re-Up)
The Cyber Mentor
Beginner Linux for Ethical Hackers - Navigating the File System
The Cyber Mentor
Beginner Linux for Ethical Hackers - Users and Privileges
The Cyber Mentor
Beginner Linux for Ethical Hackers - Common Network Commands
The Cyber Mentor
Beginner Linux for Ethical Hackers - Viewing, Creating, and Editing Files
The Cyber Mentor
Beginner Linux for Ethical Hackers - Controlling Kali Services
The Cyber Mentor
Beginner Linux for Ethical Hackers - Scripting with Bash
The Cyber Mentor
Beginner Linux for Ethical Hackers - Installing and Updating Tools
The Cyber Mentor
Cracking Linux Password Hashes with Hashcat
The Cyber Mentor
Reminder: Twitch Hacking Live Stream Tonight! 2/26/19 at 8PM EST
The Cyber Mentor
Hacking Live Stream: Episode 1 - Kioptrix Level 1, HackTheBox Jerry, and Career Q&A / AMA
The Cyber Mentor
Hacking Live Stream: Episode 2 - HackTheBox Active, Vulnserver Buffer Overflow, and Career Q&A / AMA
The Cyber Mentor
Hacking Live Stream: Episode 3 - Hack The Box Blue, Devel, and Career Q&A / AMA
The Cyber Mentor
New Zero to Hero Pentest Course, New Website, and 2K Subs?!
The Cyber Mentor
Zero to Hero Pentesting: Episode 1 - Course Introduction, Notekeeping, Introductory Linux, and AMA
The Cyber Mentor
Zero to Hero Pentesting: Episode 2 - Python 101
The Cyber Mentor
Zero to Hero Pentesting: Episode 3 - Python 102, Building a Terrible Port Scanner, and a Giveaway
The Cyber Mentor
Zero to Hero Pentesting: Episode 4 - Five Phases of Hacking + Passive OSINT
The Cyber Mentor
Zero to Hero Pentesting: Episode 5 - Scanning Tools (Nmap, Nessus, BurpSuite, etc.) & Tactics
The Cyber Mentor
Zero to Hero Pentesting: Episode 6 - Enumeration (Kioptrix & Hack The Box)
The Cyber Mentor
Zero to Hero Pentesting: Episode 7 - Exploitation, Shells, and Some Credential Stuffing
The Cyber Mentor
Installing Windows Server 2016 on VMWare in 5 Minutes
The Cyber Mentor
Zero to Hero: Week 8 - Building an AD Lab, LLMNR Poisoning, and NTLMv2 Cracking with Hashcat
The Cyber Mentor
A Day in the Life of an Ethical Hacker / Penetration Tester
The Cyber Mentor
Active Directory Exploitation - LLMNR/NBT-NS Poisoning
The Cyber Mentor
Zero to Hero: Week 9 - NTLM Relay, Token Impersonation, Pass the Hash, PsExec, and more
The Cyber Mentor
Zero to Hero: Episode 10 - MS17-010/EternalBlue, GPP/cPasswords, and Kerberoasting
The Cyber Mentor
Writing a Pentest Report
The Cyber Mentor
Zero to Hero: Week 11 - File Transfers, Pivoting, and Reporting Writing
The Cyber Mentor
The Complete Linux for Ethical Hackers Course for 2019
The Cyber Mentor
Full Ethical Hacking Course - Beginner Network Penetration Testing (2019)
The Cyber Mentor
Popping a Shell with SMB Relay and Empire
The Cyber Mentor
Pentesting for n00bs: Episode 1 - Legacy (hackthebox)
The Cyber Mentor
Pentesting for n00bs: Episode 2 - Lame
The Cyber Mentor
Pentesting for n00bs: Episode 3 - Blue
The Cyber Mentor
Web App Testing: Episode 1 - Enumeration
The Cyber Mentor
Pentesting for n00bs: Episode 4 - Devel
The Cyber Mentor
Pentesting for n00bs: Episode 5 - Jerry
The Cyber Mentor
Web App Testing: Episode 2 - Enumeration, XSS, and UI Bypassing
The Cyber Mentor
Pentesting for n00bs: Episode 6 - Nibbles
The Cyber Mentor
Web App Testing: Episode 3 - XSS, SQL Injection, and Broken Access Control
The Cyber Mentor
How NOT to Approach a Cybersecurity Mentor
The Cyber Mentor
Web App Testing: Episode 4 - XXE, Input Validation, Broken Access Control, and More XSS
The Cyber Mentor
Pentesting for n00bs: Episode 7 - Optimum (hackthebox)
The Cyber Mentor
Pentesting for n00bs: Episode 8 - Bashed (hackthebox)
The Cyber Mentor
Pentesting for n00bs: Episode 9 - Grandpa
The Cyber Mentor
Top 5 Internal Pentesting Methods
The Cyber Mentor
More on: Security Basics
View skill →
Related AI Lessons
⚡
⚡
⚡
⚡
Security Belongs on the Blueprint
Medium · Cybersecurity
# A 4-Line HTML File Stole the Admin’s Secret — Intigriti LeakyJar CTF Writeup
Medium · Cybersecurity
The Digital Gateway to Arabic Cybersecurity
Medium · Cybersecurity
Cybersecurity vs Cloud Computing – Which Career Will Dominate 2026? ☁️
Medium · Cybersecurity
🎓
Tutor Explanation
DeepCamp AI