Basic Exploits : Stack Operations



Note: Hacking is not a joke, so please be patient and learn it step by step.

Stack Operations

The first and most important topic for learning the basics of exploits is stack operations. Until you know how the stack works and what operations you can perform on it, you cannot perform exploitation, because the method we are going to share works through stack overflows and buffer overflows. So it is recommended to go through this tutorial before learning exploits.

What are stacks and what do they do?

The stack is one of the most interesting capabilities of an operating system. There are many examples that can explain the stack well, but the best one is comparing it to a stack of trays at a wedding party or in a cafeteria.
There is a simple rule for putting a tray on and taking one off:
The tray you put on last is the one you take off first. For example: suppose there are 50 trays in the stack and you want to add a 51st tray; you add it on the top of the stack. Similarly, if you want to take out the 49th tray, you must first take out the 51st and the 50th tray.
More formally, in computer science terms, the stack is a data structure that has the quality of first in, last out (FILO).
[Figure: basic linux exploits ch-2]

The process of putting items on the stack is called push and is done in assembly language (we will write tutorials on it when we find the need) with the push instruction. Likewise, the process of taking an item off the stack is called pop and is accomplished with the pop instruction in assembly language.
In memory, each process maintains its own stack within the stack segment of memory. There are two important registers that deal with the stack: the Base Pointer (BP) and Stack Pointer (SP) for 16-bit registers, the Extended Base Pointer (ebp) and Extended Stack Pointer (esp) for 32-bit registers, and rbp and rsp for 64-bit registers (in 64-bit mode an addressing mode was also added to allow memory references relative to RIP, the instruction pointer, to ease the implementation of position-independent code, which is used in shared libraries in some operating systems).

[Figure: Basic Exploits : Stack Operations]
As you can see in the above figure, the ebp register marks the base of the current stack frame of a process (higher address), while the esp register always points to the top of the stack (lower address).
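The push/pop rule and the ebp/esp layout above, as an added C example that is not part of the original tutorial: the first part models x86 push/pop on a small byte array with an explicit sp, the second part observes a real process's frames. The second part assumes GCC or Clang (for __builtin_frame_address and the noinline attribute) and a downward-growing stack; the ebp-above-locals check is only applied on x86.

```c
#include <stdint.h>
#include <string.h>

/* Added example, not from the tutorial. Part 1: push moves sp DOWN then
 * stores, pop loads then moves sp UP, so the last tray pushed is the first
 * popped. Part 2: callee frames sit below the caller's; on x86 ebp/rbp sits
 * above that frame's locals. Assumes GCC/Clang. */
#define STACK_BYTES 64
typedef struct {
    uint8_t mem[STACK_BYTES];
    uint32_t sp;              /* models esp: offset of the current top of stack */
} model_stack;

/* push: esp -= 4, then store the 32-bit value at [esp]; returns 0 when full */
int model_push(model_stack *s, uint32_t v) {
    if (s->sp < 4) return 0;               /* would write below the segment */
    s->sp -= 4;
    memcpy(&s->mem[s->sp], &v, 4);
    return 1;
}
/* pop: load the 32-bit value at [esp], then esp += 4; returns 0 when empty */
int model_pop(model_stack *s, uint32_t *out) {
    if (s->sp + 4 > STACK_BYTES) return 0; /* nothing has been pushed */
    memcpy(out, &s->mem[s->sp], 4);
    s->sp += 4;
    return 1;
}
/* Pushes trays 49, 50, 51; returns 1 if they come back 51, 50, 49, then empty */
int model_lifo_demo(void) {
    model_stack s = { {0}, STACK_BYTES };  /* constructed: empty 64-byte stack */
    uint32_t v, ok = 1;
    for (uint32_t t = 49; t <= 51; t++) ok &= model_push(&s, t);
    ok &= (s.sp == STACK_BYTES - 12);      /* esp moved down 3 x 4 bytes */
    for (uint32_t t = 51; t >= 49; t--) ok &= model_pop(&s, &v) && v == t;
    return ok && !model_pop(&s, &v);
}

static __attribute__((noinline)) void callee(uintptr_t *local_addr, uintptr_t *frame_base) {
    volatile int local = 0x41;                            /* lives in callee's frame */
    *local_addr = (uintptr_t)&local;
    *frame_base = (uintptr_t)__builtin_frame_address(0);  /* this frame's ebp/rbp */
}
/* Returns 1 if the callee's frame lies below the caller's (stack grows toward
 * lower addresses) and, on x86, the callee's ebp/rbp lies above its own local */
int real_frame_layout_matches(void) {
    volatile int caller_local = 0x42;
    uintptr_t callee_local, callee_bp;
    callee(&callee_local, &callee_bp);
    int grows_down = callee_local < (uintptr_t)&caller_local &&
                     callee_bp < (uintptr_t)__builtin_frame_address(0);
#if defined(__x86_64__) || defined(__i386__)
    grows_down = grows_down && callee_bp > callee_local; /* locals at ebp - N */
#endif
    return grows_down;
}
```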