nerdexam
GIAC

GCIH · Question #612

What makes setting the return pointer a difficult task when creating a buffer overflow exploit?

The correct answer is A. The dynamic nature of the stack. Because the stack is very dynamic, it can be difficult to find the exact location of the start of the executable code you push onto the stack. Bu putting a large number of NOP instructions at the beginning of the exploit, the attacker improves the odds that the guessed return poi

Vulnerability Exploitation & Privilege Escalation

Question

What makes setting the return pointer a difficult task when creating a buffer overflow exploit?

Options

  • AThe dynamic nature of the stack
  • BThe encryption strength of the stack
  • CThe NOP sled blocking entry to the stack
  • DThe stack does not understand machine code

How the community answered

(19 responses)
  • A
    84% (16)
  • C
    11% (2)
  • D
    5% (1)

Explanation

Because the stack is very dynamic, it can be difficult to find the exact location of the start of the executable code you push onto the stack. Bu putting a large number of NOP instructions at the beginning of the exploit, the attacker improves the odds that the guessed return pointer will work. As long as the guessed address jumps back into the NOP sled somewhere, the attacker's code will soon be executed. The code will do nothing, nothing, nothing, nothing, and then run the attacker's code.

Topics

#buffer overflow#return pointer#stack exploitation#dynamic stack

Community Discussion

No community discussion yet for this question.

Full GCIH Practice