Still the best paper on the subject. and 20 years later, the technique works.
Today In Infosec @todayininfosec
8 Nov 2016
"Smashing The Stack For Fun And Profit" was published by Elias Levy (aka Aleph One) in the hacker zine Phrack.
2
4
2
Doesn't work on modern OSes with kernel-based stack protection, e.g. DEP on Windows, Linux 2.6.8+, OpenBSD 3.3+.
1
1
mastropaolo.com/2005/06/04/b…
1
Right, sure. But the basic technique in Elias' paper is blocked by NX support.
4
yep. but it works on some IoT with older chip sets.
1
Replying to @randymarchany
. @randymarchany @tootsierollpop8 First wide-spread buffer overflow pre-dates Elias' Phrack article by many years. Can you name it?

Nov 8, 2016 · 9:05 PM UTC

6
2
Replying to @hal_pomeranz @tootsierollpop8
Morrison 1988 fingers but I seem to remember an earlier one not counting the ones i wrote accidentally :-)
1
1
more replies
Replying to @hal_pomeranz @tootsierollpop8
found my c opy of computer security planning tech doc from 1972.
1
1
more replies
Replying to @hal_pomeranz @randymarchany @tootsierollpop8
Morris worm?
1
Replying to @hal_pomeranz @randymarchany @tootsierollpop8
didn't the Morris work exploit a buffer overflow in fingerd? or was it a different vuln?
1
1
Replying to @hal_pomeranz @randymarchany @tootsierollpop8
"Da Vinci". Everyone knows that ;) #Hackers
1
1
1
Replying to @hal_pomeranz @randymarchany @tootsierollpop8
Ooo… This is like the SANS T-Shirt game! :) :)
1