How buffer overflow attacks work?

An overflowing text on buffer overflow attacks.

What is a buffer overflow attack? An attack where the attacker has control over your program, your EIP (Instruction Pointer Register) by corrupting memory can be labelled as buffer overflow attack. Readers can stop here if they feel this is enough:). Please note such attacks mostly happen on programs compiled from C/C++ as they provide programmers to access any region of program memory without any checks.

C/C++ programs run in the free world!

To understand how one can take control, we first need to understand how a compiled program sees memory and how function calls take place.

Memory layout of a "compiled" program

• A process (running program) sees memory as contiguous region of bytes, labelled from 0 to some arbitrary size set by OS overlords.
  • Physically they might not be contiguous, they are organized into pages and are logically mapped to appear continuous.
  • 
  • the .text section has your compiled code, .data has string and other constants, .bss section to keep static and global variables.

Stack and function call

** Work in Progress **

Overflow and rule