Hobbies / Books

2025

Hacking

1Textbook

The material felt outdated and not relevant at least for my needs.

0x200

Multi-User file permission (linux)

-rwxrwxrwx

user, group, other

s in the place of first x means the program is given the ability to run as if it were the root user

this type of permission is called suid (set user ID)

When program is executed, user’s euid (effective user ID) is changed to the uid of the program’s owner and this is changed back when the program execution ends

sgid (set group ID) permission does the same thing with the effective group ID

Memory

EIP (extended instruction pointer) holds the address of the currently executing instruction

little endian

0x12345678 → 0x78563412

Program memory is divided into segments

text (sometimes called code)

instructions of the program are located (write permission disabled)

Execution loop

#

Read the instruction that EIP is pointing to

#

Add the byte-length of the instruction to EIP

#

Execute the instruction that was read in step 1

#

Go step 1

data

initialized global variables, strings, and other constants that are used through the program

Writable but fixed size

bss

uninitialized counterparts

Writable but fixed size

heap

rest of the program variables

dynamic size

memory within heap managed by allocator and deallocator algorithms

the growth of the heap moves downward toward higher memory addresses

stack

dynamic size

used to store context during function calls

passed variables

where EIP should return to after the function is finished

ESP register

used to keep track of the address of the end of the stack

grows toward lower memory address

EBP register

used to reference variables in the current stack frame

each stack frame contains

parameters of the function

its local variables

two pointers that are necessary to put things back the way they were

SFP (saved frame pointer)

used to restore EBP to its previous value

return address

used to restore EIP