Changing Stack Based Variables with a Buffer Overflow

Get authenticated

• https://www.owasp.org/index.php/Buffer_Overflow
• http://www.cse.scu.edu/~tschwarz/coen152_05/Lectures/BufferOverflow.html

Changing Program Execution Flow with Stack Based Buffer Overflow

Make the program execute code that it would otherwise would not have executed

• http://insecure.org/stf/smashstack.html

Changing Program Execution Flow by Returning to User Controlled Data with a Stack Based Buffer Overflow

Make the program execute code (shellcode) by tricking the program into thinking that your input is a function pointer

Changing Program Execution Flow by Chaining Together Existing Code from the Program with a Stack Based Buffer Overflow

Make the program execute certain functions in a sequential order. ASLR should be enabled for this problem.

• https://blog.skullsecurity.org/2013/ropasaurusrex-a-primer-on-return-oriented-programming

Changing Program Execution Flow by Performing a Return To Libc attack with a Stack Based Buffer Overflow

Modify the program's GOT in order to trick the program into calling a series of ROP gadgets which end up spawning a shell. ASLR should be enabled for this problem.

• https://css.csail.mit.edu/6.858/2012/readings/return-to-libc.pdf