{"guid":"import-f46b9a6a2d546305c8","title":"Understanding buffer overflow exploitation","subtitle":"The fascinating interplay of CPU, stack, C-compiler and shellcode in a nutshell","slug":"22C3-571-en-understanding_buffer_overflow_exploitation","link":"http://events.ccc.de/congress/2005/fahrplan/events/571.en.html","description":"Everything started with Aleph One's paper \"Smashing the Stack for Fun and Profit\". These techniques are still the basis for modern exploitation of buffer, heap and format string  vulnerabilities. We will give a swift overview about C functions, stack usage, assembler, gcc, gdb and how these few tools can be used to understand and write shell-code to turn simple buffer overflows into backdoors that open whole systems to potential attackers. Sure you want to know how to defend against that. We also will tell you about that!\n","original_language":"eng","persons":["Christiane Ruetten"],"tags":["22c3"," Hacking"],"view_count":563,"promoted":false,"date":"2005-12-27T01:00:00.000+01:00","release_date":"2007-12-29T01:00:00.000+01:00","updated_at":"2026-03-11T06:45:04.492+01:00","length":3555,"duration":3555,"thumb_url":"https://static.media.ccc.de/media/congress/2005/22C3-571-en-understanding_buffer_overflow_exploitation.jpg","poster_url":"https://static.media.ccc.de/media/congress/2005/22C3-571-en-understanding_buffer_overflow_exploitation_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2005/import-f46b9a6a2d546305c8-timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2005/import-f46b9a6a2d546305c8-thumbnails.vtt","frontend_link":"https://media.ccc.de/v/22C3-571-en-understanding_buffer_overflow_exploitation","url":"https://api.media.ccc.de/public/events/import-f46b9a6a2d546305c8","conference_title":"22C3: Private Investigations","conference_url":"https://api.media.ccc.de/public/conferences/22c3","related":[{"event_id":710,"event_guid":"import-996ee6767784dc2e88","weight":2},{"event_id":713,"event_guid":"import-815c7442f3da8d756e","weight":1},{"event_id":725,"event_guid":"import-e6b3200a23ed44995e","weight":2},{"event_id":737,"event_guid":"import-26327c95883d3939d5","weight":4},{"event_id":756,"event_guid":"import-61262399b0beda7cb0","weight":1},{"event_id":760,"event_guid":"import-e0dc3d63d8c85c7c2f","weight":1},{"event_id":765,"event_guid":"import-ec99415102c530a179","weight":1},{"event_id":769,"event_guid":"import-b2af0e61f8de12a218","weight":2},{"event_id":772,"event_guid":"import-d6c23abc0101cdf909","weight":1},{"event_id":779,"event_guid":"import-3fc3fd435d6c28ebca","weight":1},{"event_id":783,"event_guid":"import-888da0e302611c285a","weight":1},{"event_id":805,"event_guid":"import-a7100f85ea482235a4","weight":1},{"event_id":811,"event_guid":"import-57ec6bf04e9a6b0c37","weight":1},{"event_id":813,"event_guid":"import-c37d6e2bd9f4f412fa","weight":1},{"event_id":814,"event_guid":"import-52afc66c4fe5654a0d","weight":1},{"event_id":815,"event_guid":"import-e3bf427a6d2ffaa0a2","weight":1},{"event_id":821,"event_guid":"import-a1a1cc355460e393a5","weight":1},{"event_id":834,"event_guid":"import-a5e037ae18a0585a58","weight":1},{"event_id":845,"event_guid":"import-9aa26412eb8a583273","weight":1},{"event_id":847,"event_guid":"import-3aae12cacdafcdcae7","weight":1},{"event_id":853,"event_guid":"import-d5b993915f58107a0b","weight":1},{"event_id":858,"event_guid":"import-0fa6485c220df5e791","weight":1},{"event_id":862,"event_guid":"import-0f3021b09bdc4b986b","weight":1},{"event_id":867,"event_guid":"import-951b951bbc36e5c5d7","weight":1},{"event_id":869,"event_guid":"import-76a88a1e7144ed0e8b","weight":1},{"event_id":879,"event_guid":"import-7d27a5ec4fcd8ee9be","weight":2},{"event_id":885,"event_guid":"import-21a7d876450c6cf8e6","weight":1},{"event_id":893,"event_guid":"import-e848aa3a18f08fcdfa","weight":1},{"event_id":904,"event_guid":"import-d0f7647cadbc7a6918","weight":1},{"event_id":906,"event_guid":"import-2fe8f5f454423d73a8","weight":2},{"event_id":910,"event_guid":"import-94276250016fb6922a","weight":1},{"event_id":917,"event_guid":"import-2623e5399f12d9c994","weight":1},{"event_id":924,"event_guid":"import-8bf1e2b44448e3f277","weight":1},{"event_id":929,"event_guid":"import-184dd05c328f44989b","weight":1},{"event_id":930,"event_guid":"import-72982e43dc1e8c1cbc","weight":1},{"event_id":932,"event_guid":"import-ac419b4bf7a1293785","weight":3},{"event_id":937,"event_guid":"import-a5b28e74fa416095e9","weight":1},{"event_id":945,"event_guid":"import-c8564d288716d88de3","weight":1},{"event_id":962,"event_guid":"import-95be4c3ebe752a2303","weight":1},{"event_id":968,"event_guid":"import-2c717701c0484bd4cd","weight":2},{"event_id":971,"event_guid":"import-f8d674bfb833cf8fe0","weight":1},{"event_id":976,"event_guid":"import-53997037a1b9e9ceb3","weight":1},{"event_id":981,"event_guid":"import-f40727e65f49ca9683","weight":1},{"event_id":986,"event_guid":"import-a2d753a1d1e21d0b29","weight":1},{"event_id":990,"event_guid":"import-7317225cacc9eb4d71","weight":1},{"event_id":1002,"event_guid":"import-d1a2539c03d11cc281","weight":1},{"event_id":1019,"event_guid":"import-e9b440ff02ce09ca59","weight":1},{"event_id":1020,"event_guid":"import-8fb016024e60722cef","weight":2},{"event_id":1031,"event_guid":"import-9d34a07f70755058e7","weight":1},{"event_id":1034,"event_guid":"import-475cf38d0e695ee755","weight":1},{"event_id":1037,"event_guid":"import-d36e7bab6f1646de7f","weight":1},{"event_id":1039,"event_guid":"import-f31ce8e8ede86842b2","weight":1},{"event_id":1041,"event_guid":"import-7f7937ab691a2b98e6","weight":1},{"event_id":1042,"event_guid":"import-b766adc19ddd01d9b4","weight":2},{"event_id":1043,"event_guid":"import-21d05b6ae105e4a388","weight":1},{"event_id":1110,"event_guid":"import-b59b49e433ecf74450","weight":2},{"event_id":1136,"event_guid":"import-0b0bb700744d6dcda6","weight":1},{"event_id":1138,"event_guid":"import-e7ef1b335f3993af93","weight":1},{"event_id":1231,"event_guid":"import-84e7d1004fd236a83d","weight":1},{"event_id":1236,"event_guid":"import-16ec3c15e8c1912ab4","weight":2},{"event_id":1251,"event_guid":"import-fb1aefc36f7a295121","weight":1},{"event_id":1254,"event_guid":"import-2a8d0099b181354d29","weight":1},{"event_id":1270,"event_guid":"import-b01de4e5ea4f6f641f","weight":1},{"event_id":1278,"event_guid":"import-c061c38bfc1a4656a5","weight":1},{"event_id":1309,"event_guid":"import-85069872c1089c4360","weight":1},{"event_id":1343,"event_guid":"import-dec7979f6876685173","weight":1},{"event_id":1346,"event_guid":"import-e9df7801eb432bf49e","weight":1},{"event_id":1428,"event_guid":"import-8caea0cb6ec40f1246","weight":1},{"event_id":1604,"event_guid":"import-006ecab1019284581b","weight":1},{"event_id":1704,"event_guid":"import-a9812440f38232930c","weight":1},{"event_id":1728,"event_guid":"3poSeUcpc6woNaI5dhATcQ","weight":1},{"event_id":1817,"event_guid":"GjMyYKOlFIvTVBV1gI_1SA","weight":2},{"event_id":1833,"event_guid":"bJDjDUHLd0Y6wLncMd5Unw","weight":1},{"event_id":2308,"event_guid":"f0cdbbeb-2478-4f17-b50e-ec584b44bffe","weight":1},{"event_id":2513,"event_guid":"bd046a46-8398-4b6f-b4e3-34f34e6f1ecc","weight":1},{"event_id":2688,"event_guid":"zellulaerer_automat","weight":1},{"event_id":2820,"event_guid":"1d7d4787-c77a-4e6e-9398-f3b4dcaa3587","weight":1},{"event_id":2826,"event_guid":"9ab1407a-126f-48d9-898d-eae7974324e9","weight":2},{"event_id":2899,"event_guid":"0c8f0e98-92ee-42ba-aa75-04fc50344904","weight":1},{"event_id":3602,"event_guid":"48e016a4-5683-4bda-8976-98f1dbf62787","weight":1},{"event_id":3640,"event_guid":"700a07e7-a9c4-437b-a4c5-4491b23a9b4a","weight":1},{"event_id":3646,"event_guid":"f32a1a13-b244-4a1d-a6cf-99c5e3bdad27","weight":1},{"event_id":3671,"event_guid":"4ef69e6a-026f-4b30-888d-af654b220a3d","weight":2},{"event_id":3676,"event_guid":"f6811c99-96af-44d5-b82d-5afe826b2caf","weight":1},{"event_id":3689,"event_guid":"1f7eb981-2819-4824-8f40-4ddde0be7bf3","weight":1},{"event_id":3695,"event_guid":"c300b194-2a85-4705-92aa-b4e789882303","weight":1},{"event_id":3731,"event_guid":"bc638f9f-0370-42f9-b83c-f85cca4ca38d","weight":1},{"event_id":3743,"event_guid":"72e44333-c59a-47a4-9ef3-d5e8c9637eb6","weight":1},{"event_id":3762,"event_guid":"25e2df7d-5740-4c2f-bc34-986326d606fe","weight":2},{"event_id":3763,"event_guid":"8fbee7ff-b50c-4310-af9d-d44794669f25","weight":1},{"event_id":4391,"event_guid":"c2d5346f-bd26-43c3-8c19-bbcdf52cd6e3","weight":1},{"event_id":4396,"event_guid":"b5188ef7-b244-48fc-826e-7603cd1d7837","weight":1},{"event_id":4444,"event_guid":"338b865c-b072-45f1-a8bc-54775999e794","weight":1},{"event_id":4457,"event_guid":"da3e484f-a48f-44c6-819d-1a15669f6ed7","weight":1},{"event_id":4482,"event_guid":"8a24c98b-0092-490d-bb7d-7252795bb08c","weight":1},{"event_id":4767,"event_guid":"f2ca3661-30c8-476e-9d6b-920bb20b21eb","weight":1},{"event_id":4768,"event_guid":"a13dc0d2-55af-4b60-a07c-1786094da593","weight":1},{"event_id":4789,"event_guid":"684193b5-696e-495f-88eb-04f8d3114e01","weight":1},{"event_id":4794,"event_guid":"a2887b4a-0c9d-4220-a52f-c65c20ae25d7","weight":1},{"event_id":4814,"event_guid":"991aceeb-d25f-4f59-9317-bf438775a215","weight":1},{"event_id":4815,"event_guid":"f6265504-14b2-41e6-a134-6fec8c00cee4","weight":1},{"event_id":4826,"event_guid":"16645200-2036-4a3c-a44d-a5ff44ac2991","weight":1},{"event_id":4830,"event_guid":"5cf8c222-47d3-4741-9324-be182b4d0fb8","weight":1},{"event_id":4837,"event_guid":"664f6c37-2fab-4191-a5d6-042aba7518c3","weight":1},{"event_id":4846,"event_guid":"832b8fb8-beb1-4d92-93d0-ba3b7568905a","weight":1},{"event_id":4866,"event_guid":"117a52b4-f675-49dd-aafe-659c07b6bc9c","weight":1},{"event_id":4900,"event_guid":"e4eaa421-652a-4309-9e04-fe46aa3da50d","weight":1},{"event_id":4929,"event_guid":"8e222759-cd6b-403b-8fe1-3517bf7d2802","weight":1},{"event_id":4930,"event_guid":"9a0efbf6-94d6-4c86-864c-caa1f3e929c7","weight":1}],"recordings":[{"size":123,"length":3555,"mime_type":"audio/ogg","language":"eng","filename":"22C3-571-en-understanding_buffer_overflow_exploitation.ogg","state":"downloaded","folder":"lectures/audio/ogg","high_quality":true,"width":320,"height":240,"updated_at":"2014-05-10T15:26:38.735+02:00","recording_url":"https://cdn.media.ccc.de/congress/2005/lectures/audio/ogg/22C3-571-en-understanding_buffer_overflow_exploitation.ogg","url":"https://api.media.ccc.de/public/recordings/1801","event_url":"https://api.media.ccc.de/public/events/import-f46b9a6a2d546305c8","conference_url":"https://api.media.ccc.de/public/conferences/22c3"},{"size":123,"length":3555,"mime_type":"video/mp4","language":"eng","filename":"22C3-571-en-understanding_buffer_overflow_exploitation.m4v","state":"downloaded","folder":"lectures/video/mp4-avc/320x240","high_quality":true,"width":320,"height":240,"updated_at":"2016-01-27T11:03:20.315+01:00","recording_url":"https://cdn.media.ccc.de/congress/2005/lectures/video/mp4-avc/320x240/22C3-571-en-understanding_buffer_overflow_exploitation.m4v","url":"https://api.media.ccc.de/public/recordings/1800","event_url":"https://api.media.ccc.de/public/events/import-f46b9a6a2d546305c8","conference_url":"https://api.media.ccc.de/public/conferences/22c3"}]}