Newsletter # 16 Understanding buffer overflows using Radare2 Jan 10 2020

Hello,

I'm back, I took a small break last week, no writing and no newsletter. I hope you had a delightful end of the holiday season. I'm ready to get back to my usual routine.

I've been travelling across time zones lately and thinking about time. Also, it's the end of a decade, so we should talk about that. I'm not sure if you remember the Y2K problem; it was caused by representing the year in a date using only the last two digits. That meant that 1997 was represented only as 97, all fine there, but when you get to 2000 you'll get 00, and you won't know if you were talking about 1900 or 2000.

This year there are no significant issues, just a couple of games will stop working but nothing serious. It's always fun to use this time to reflect on what the future has for us and check the list of Time formatting and storage bugs ;). I think you'll find it interesting too, and make sure none of them will affect you.

Also, yesterday, January 9, was the 13th anniversary of the unveiling of the iPhone (2007). The iPhone made a change in the way we use our mobile phones. Check the keynote. It's a walk down memory lane.

On a related note, I saw the documentary/movie General Magic, super recommended. You know how much I enjoy tech history. I think you'll enjoy this documentary too. The documentary shows how not everything in Silicon Valley is about success stories. Some failures shaped our future. It seems like General Magic, the startup, influenced most of the technology we associate with the iPhone, but it was a long time before the iPhone. Watch it, and let me know what you think.

This week's post is about buffer overflows. I've been having fun playing with radare2, so it was the perfect excuse to use it and share with you some information on how to exploit buffer overflows. If you are interested, here is the link:

https://rderik.com/blog/understanding-buffer-overflows-using-radare2/

Let me know if you have any questions.

Ok, that's it for this week. Until next time,

Derik

Tip of the week

I have to catch a plane in a few minutes, so the tip today is a quick one that, if you follow me on Twitter, you probably saw.

You can use rasm2, an inline assembler/disassembler that comes with radare2, to obtain the hex representation of assembly code. Handy to obtain opcodes:

$ rasm2 -a x86 -b 32 'jne'
75fe

Or you can disassemble code directly from the command-line:

$ rasm2 -d "74fe"
je 0 

Very useful when reversing.
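To see why the bytes 75fe and 74fe shown above map to jne and je with a target of 0, here is an added example (not from the newsletter or from radare2) that decodes and encodes x86 short conditional jumps by hand. The function names decode_short_jcc and encode_short_jcc are hypothetical helpers, and the code assumes the instruction sits at address 0 unless told otherwise.

```python
# Added example: hand-decode/encode x86 short conditional jumps
# (Jcc rel8, opcodes 0x70-0x7f). Helper names are hypothetical.
import struct

# Condition mnemonics indexed by the low nibble of the opcode byte.
JCC = ["jo", "jno", "jb", "jae", "je", "jne", "jbe", "ja",
       "js", "jns", "jp", "jnp", "jl", "jge", "jle", "jg"]


def decode_short_jcc(hexstr, addr=0, bits=32):
    """Disassemble one 2-byte Jcc rel8 located at addr.

    Returns (mnemonic, absolute_target).
    """
    raw = bytes.fromhex(hexstr)
    if len(raw) != 2 or not 0x70 <= raw[0] <= 0x7F:
        raise ValueError("not a short conditional jump: " + hexstr)
    # Second byte is a signed 8-bit displacement.
    rel8 = struct.unpack("b", raw[1:])[0]
    # The displacement is relative to the NEXT instruction (addr + 2),
    # so 0xfe (-2) at address 0 jumps back to address 0.
    target = (addr + 2 + rel8) & ((1 << bits) - 1)
    return JCC[raw[0] & 0x0F], target


def encode_short_jcc(mnemonic, target, addr=0):
    """Assemble '<mnemonic> <target>' placed at addr; return hex bytes."""
    rel8 = target - (addr + 2)
    if not -128 <= rel8 <= 127:
        # Farther targets need the longer 0f 8x rel32 encoding.
        raise ValueError("target out of rel8 range")
    opcode = 0x70 + JCC.index(mnemonic)
    return bytes([opcode, rel8 & 0xFF]).hex()


if __name__ == "__main__":
    # The two byte sequences from the tip above.
    for h in ("75fe", "74fe"):
        mnemonic, target = decode_short_jcc(h)
        print(h, "->", mnemonic, hex(target))
    # Same instruction, different target: only the displacement changes.
    print(encode_short_jcc("jne", 0x10))
```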


** If you want to check what else I'm currently doing, be sure to follow me on twitter @rderik or subscribe to the newsletter. If you want to send me a direct message, you can send it to derik@rderik.com.