Date: 1st version: 2010/10/26
2nd version:
Preface
Since the 1980s, researchers outside China had begun to discuss overflow attack methods. However, the topic drew little notice until the disclosures of a few researchers, in particular the classic article on overflow in Phrack, the well-known hacker magazine, brought many people into the ranks of overflow researchers; from then on, the buffer overflow problem received wide attention. As overflow research deepened, many overflow attack tutorials appeared on the Internet, exposing a great deal of overflow exploitation technique, especially the classic call/jmp esp, which produced an endless stream of overflow attack cases. This also drew Microsoft's attention: they added various overflow protection mechanisms to Windows systems and the VC++ compiler in an attempt to prevent such attacks. Unfortunately, soon after each protection mechanism was announced, someone announced a way to bypass it. Every time MS said that a protection mechanism would be the last day of overflow, it was, regrettably, defeated once again. And so the struggle over overflows between hackers and Microsoft continues.