Buffer Overflow Issues Executable attack code is stored on stack,inside the buffer containing attacker's string -Stack memory is supposed to contain only data,but... Overflow portion of the buffer must contain correct address of attack code in the RET position -The value in the RET position must point to the beginning of attack assembly code in the buffer Otherwise application will crash with segmentation violation -Attacker must correctly guess in which stack position his buffer will be when the function is called 88 Executable attack code is stored on stack, inside the buffer containing attacker’s string ─ Stack memory is supposed to contain only data, but… Overflow portion of the buffer must contain correct address of attack code in the RET position ─ The value in the RET position must point to the beginning of attack assembly code in the buffer ● Otherwise application will crash with segmentation violation ─ Attacker must correctly guess in which stack position his buffer will be when the function is called Buffer Overflow Issues