Before Getting Started

Running an Executable

Here we will look at how to run an executable file from the terminal.

First open a terminal. On Ubuntu you can press the shortcut Ctrl+Alt+T (press the Control, Alt and T keys simultaneously).

Let's check what is inside the current directory:

$ ls
bof.c bof

So there are two files, bof.c and bof. The ls command printed the list of all the files in the current directory.

$ file bof.c
bof.c: C source, ASCII text

$ file bof
bof: ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, for GNU/Linux 2.6.24, BuildID[sha1]=ed643dfe8d026b7238d3033b0d0bcc499504f273, not stripped

The file command shows us that one is a text file and the other is an ELF executable.

Let's try to run the binary.

$ ./bof
bash: ./bof: Permission denied

In Linux, a file must have the executable permission set before it can be run. If you try to run a file that does not have this permission, you get a "Permission denied" error. The chmod command is used to assign the executable permission to a file.

chmod +x ./bof

The above command gives the file bof executable permission. Now you can run ./bof in your terminal.

Computer Memory

The computer you are using is like a powerful calculator. To perform tasks, a computer has to store data, such as the input we enter through a keyboard. It is just like how the brain works: to think, make decisions, and act, it has to be supplied with knowledge through the sense organs, and that knowledge is stored in our memory.

In information security, it is key to understand how data is stored in memory. One of the many basic concepts is endianness.

Bit

A bit is the smallest unit of information for a computer. A bit can be either 0 or 1 and thus can represent 2 values.

Byte

A collection of 8 bits makes up a byte. Each bit can represent 2 values, so 8 bits combined can represent (2^8) values.

    1 bit - 0       0       (2^1) = 2 values
            1       1

    2 bit - 00      0       (2^2) = 4 values
            01      1
            10      2
            11      3       

    3 bit - 000     0       (2^3) = 8 values
            001     1
            010     2
            011     3
            100     4
            101     5
            110     6
            111     7           

As you can see here, 2 bits have 4 combinations of 0 and 1, letting us represent 0, 1, 2, 3.

3 bits have 8, 4 bits have 16, and so on, and 8 bits have (2^8) = 256 combinations.
Thus we can store 256 values using a byte, ranging from [0 - 255] or [0x00 - 0xff].

For convenience we will be using hex values.

Significant byte

When considering a hexadecimal value like 0x10203040 having 4 bytes, the most significant byte is the starting byte 0x10 and the least significant byte is the last byte 0x40.

Endianness

Endianness is the order in which bytes are stored in memory.

There are two ways of doing it: big endian and little endian.

Big Endian

Storing data starting from the most significant byte

address = 0x1000        value = 0x10203040
    0x1000 : 0x10
    0x1001 : 0x20
    0x1002 : 0x30
    0x1003 : 0x40

Little Endian

Storing data starting from the least significant byte

address = 0x1000        value = 0x10203040
    0x1000 : 0x40
    0x1001 : 0x30
    0x1002 : 0x20
    0x1003 : 0x10

The endianness of a computer is specific to its architecture.

The Intel x86 architecture is little endian.
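
The two layouts above, written out as a small C program (an added example, not code from the original page). It stores 0x10203040 in both byte orders, checks which order the host uses, and shows what comes back when big-endian bytes are read with the little-endian rule. The function names are made up for this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Returns 1 if this machine keeps the least significant byte at the lowest address. */
int host_is_little_endian(void) {
    uint32_t value = 0x10203040;
    return *(const unsigned char *)&value == 0x40;  /* byte at the lowest address */
}

/* Big endian: out[0] receives the most significant byte. */
void store_big_endian(uint32_t value, uint8_t out[4]) {
    for (int i = 0; i < 4; i++)
        out[i] = (uint8_t)(value >> (24 - 8 * i));
}
/* Little endian: out[0] receives the least significant byte. */
void store_little_endian(uint32_t value, uint8_t out[4]) {
    for (int i = 0; i < 4; i++)
        out[i] = (uint8_t)(value >> (8 * i));
}

/* Rebuild a value from four bytes that were stored little endian. */
uint32_t load_little_endian(const uint8_t in[4]) {
    return (uint32_t)in[0] | ((uint32_t)in[1] << 8) |
           ((uint32_t)in[2] << 16) | ((uint32_t)in[3] << 24);
}

/* Big-endian bytes read with the little-endian rule come back reversed. */
uint32_t misread_big_as_little(uint32_t value) {
    uint8_t bytes[4];
    store_big_endian(value, bytes);
    return load_little_endian(bytes);
}

/* Print four bytes as a memory listing (0x1000 is the page's example address). */
static void dump(const char *label, const uint8_t b[4]) {
    printf("%s\n", label);
    for (int i = 0; i < 4; i++)
        printf("    0x%04x : 0x%02x\n", 0x1000u + (unsigned)i, (unsigned)b[i]);
}

int main(void) {
    uint8_t be[4], le[4];
    store_big_endian(0x10203040, be);
    store_little_endian(0x10203040, le);
    dump("big endian", be);
    dump("little endian", le);
    printf("host is %s endian\n", host_is_little_endian() ? "little" : "big");
    printf("misread: 0x%08x\n", (unsigned)misread_big_as_little(0x10203040));
}
```

On an x86 machine the program reports a little-endian host, and the misread value is the original with its four bytes in reverse order.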