The material felt outdated and not relevant at least for my needs.
0x200
Multi-User file permission (linux)
-rwxrwxrwx
user, group, other
s in the place of first x means the program is given the ability to run as if it were the root user
this type of permission is called suid (set user ID)
When program is executed, user’s euid (effective user ID) is changed to the uid of the program’s owner and this is changed back when the program execution ends
sgid (set group ID) permission does the same thing with the effective group ID
Memory
EIP (extended instruction pointer) holds the address of the currently executing instruction
little endian
0x12345678 → 0x78563412
Program memory is divided into segments
text (sometimes called code)
instructions of the program are located (write permission disabled)
Execution loop
Read the instruction that EIP is pointing to
Add the byte-length of the instruction to EIP
Execute the instruction that was read in step 1
Go step 1
data
initialized global variables, strings, and other constants that are used through the program
Writable but fixed size
bss
uninitialized counterparts
Writable but fixed size
heap
rest of the program variables
dynamic size
memory within heap managed by allocator and deallocator algorithms
the growth of the heap moves downward toward higher memory addresses
stack
dynamic size
used to store context during function calls
passed variables
where EIP should return to after the function is finished
ESP register
used to keep track of the address of the end of the stack
grows toward lower memory address
EBP register
used to reference variables in the current stack frame
each stack frame contains
parameters of the function
its local variables
two pointers that are necessary to put things back the way they were
SFP (saved frame pointer)
used to restore EBP to its previous value
return address
used to restore EIP