Tech Rain

技術需要雨水滋潤才能成長茁壯

It's Inndy speaking.

x86 ELF Stack Overflow Jmp Esp (Rsp) Trick

2017/01/24 12:27

In short: You can find jmp esp (jmp rsp) gadget in almost every dynamic linked ELF binary.

Here's a common _start from a x86 ELF binary:

080488d3 <_start>:
 80488d3:       31 ed                   xor    ebp,ebp
 80488d5:       5e                      pop    esi
 80488d6:       89 e1                   mov    ecx,esp
 80488 …

Continue reading »