Before Getting Started
Running an Executable
Here we will look at how to run an executable file from the terminal.
First open a terminal. Ubuntu users can press the shortcut Ctrl+Alt+T (press the Ctrl, Alt and T keys simultaneously).
Let's check what is inside the current directory
    $ ls
    bof.c  bof
So there are two files, bof.c and bof. The ls command printed out the list of all the files in the current directory.
    $ file bof.c
    stack-example.c: C source, ASCII text

    $ file bof
    bof/bof: ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, for GNU/Linux 2.6.24, BuildID[sha1]=ed643dfe8d026b7238d3033b0d0bcc499504f273, not stripped
The file command shows us that one is a text file and the other is an ELF executable.
Let's try to run the binary.
    $ ./bof
    bash: ./bof: Permission denied
In Linux, a file must have the executable permission set before it can be run. If you try to run a file that does not have this permission set, you get a permission denied error. To assign executable permission to a file, the chmod command is used.
    $ chmod +x ./bof
The above command gives the file bof executable permission. Now you can type ./bof in your terminal to run it.
The computer you are using is like a powerful calculator. To perform tasks, a computer has to store data, such as the input we enter through a keyboard. It's just like how the brain works: to think, make decisions, and act, it has to be supplied with knowledge through the sense organs, which is stored in our memory.
In information security, it is key to understand how data is stored in memory. One of the many basic concepts is endianness.
A bit is the smallest unit of information for a computer. A bit can be either 0 or 1 and thus can represent 2 values.
A collection of 8 bits makes up a byte. Each bit can represent 2 values, so 8 bits combined can represent (2^8) values.
    1 bit - 0      0     (2^1) = 2 values
            1      1

    2 bit - 00     0     (2^2) = 4 values
            01     1
            10     2
            11     3

    3 bit - 000    0     (2^3) = 8 values
            001    1
            010    2
            011    3
            100    4
            101    5
            110    6
            111    7

As you can see here, 2 bits have 4 combinations of 0 and 1, letting us represent 0, 1, 2, 3. 3 bits have 8, 4 bits have 16, and so on, and 8 bits have (2^8) = 256 combinations.
For convenience we will be using hex values.
When considering a hexadecimal value like 0x10203040 having 4 bytes, the most significant byte is the starting byte 0x10 and the least significant byte is the last byte 0x40.
Endianness is the order in which bytes are stored in memory.
There are two ways of doing it: big endian and little endian.
Big endian: storing data starting from the most significant byte.
    address = 0x10000
    value   = 0x10203040

    0x10000 : 0x10
    0x10001 : 0x20
    0x10002 : 0x30
    0x10003 : 0x40
Little endian: storing data starting from the least significant byte.
    address = 0x10000
    value   = 0x10203040

    0x10000 : 0x40
    0x10001 : 0x30
    0x10002 : 0x20
    0x10003 : 0x10
The endianness of a computer is specific to its architecture.
The Intel x86 architecture is little endian.
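The two byte orders described above can be checked on your own machine. The following C program is an added example, not code from the original page: it stores 0x10203040 in both orders, prints the bytes at each offset, and shows which order the host uses. The function names (store_be32, store_le32, store_host32, host_is_little_endian, load_le32) are assumptions chosen for this illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Write v into out[0..3], most significant byte first (big endian). */
void store_be32(uint32_t v, uint8_t out[4]) {
    for (int i = 0; i < 4; i++)
        out[i] = (uint8_t)(v >> (8 * (3 - i)));
}

/* Write v into out[0..3], least significant byte first (little endian). */
void store_le32(uint32_t v, uint8_t out[4]) {
    for (int i = 0; i < 4; i++)
        out[i] = (uint8_t)(v >> (8 * i));
}

/* Copy the bytes of v exactly as this machine keeps them in memory. */
void store_host32(uint32_t v, uint8_t out[4]) { memcpy(out, &v, 4); }

/* Returns 1 on a little-endian host (such as x86), 0 on a big-endian one. */
int host_is_little_endian(void) {
    uint8_t b[4];
    store_host32(1u, b);
    return b[0] == 1;   /* the low byte sits at the lowest address */
}

/* Rebuild the value from four bytes that were stored little endian. */
uint32_t load_le32(const uint8_t in[4]) {
    return (uint32_t)in[0] | (uint32_t)in[1] << 8 |
           (uint32_t)in[2] << 16 | (uint32_t)in[3] << 24;
}

static void dump(const char *label, const uint8_t b[4]) {
    printf("%-14s", label);
    for (int i = 0; i < 4; i++)
        printf(" +%d: 0x%02x", i, b[i]);
    printf("\n");
}

int main(void) {
    uint32_t value = 0x10203040;   /* same value as in the text above */
    uint8_t be[4], le[4], host[4];
    store_be32(value, be);
    store_le32(value, le);
    store_host32(value, host);
    dump("big endian", be);
    dump("little endian", le);
    dump(host_is_little_endian() ? "host (little)" : "host (big)", host);
}
```

Compile it with gcc and run the result with ./ as shown earlier; on an x86 machine the host line matches the little endian line.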