Smashing the Stack in 2010

Computer security nowadays is an issue that has a strong impact in all the ICT world. For instance, let us just think that the number of threats discovered in 2009 is about 30-35M, having an exponential increase with respect to previous years (according to an estimation of Kaspersky Labs over its users 1. However, the aspect that will be discussed in this document is related to a particular type of vulnerabilities called Buffer Overflows. In detail, what will be investigated is the behaviour of Buffer Overflow in modern Linux and Windows architectures, taking up the work that AlephOne did in his famous paper, and try to refashion it to the present, considering also for example, all the protections that the software companies have introduced into their products in order to counter the Buffer Overflow phenomenon. In fact, the issues that AlephOne analyzed in the far 1996 are very different from what a researcher that nowadays wants to retrace his footsteps would find: however, a lot has been done in order to mitigate this problem but this is absolutely not enough. First of all we are going to analyze all the basical theoretical aspects behind the concept of Buffer Overflows: in this way words as pointers, opcodes, shellcodes will be less mysterious and can help the reader to understand the content of this work. Subsequently the paper will analyze in detail all the aspects and mechanisms that regulate the way in which Buffer Overflow works on Linux and Windows architectures taking with particular care also the countermeasures introduced until nowadays for both the mentioned operating systems. In addition, for some of them we are going also to try some tricks to bypass these protections, in order to exploit the vulnerability even if a countermeasure has been adopted in the modern operating systems.