I am having an strugle with this concepts . are they the same thing?
A stack overflow is a stack overflow, and that’s it. You overflowed on the stack. What you are calling a “traditional” stack overflow is not useful at all except to make it easier to see your input in hex. Your “Function Pointer Overwrite” is not going to be very realistic in the real world because there’s not often a “win” function to redirect to. “Saved Return Pointer Overwrite” is just another way to abuse a stack overflow. Once you’ve overflowed the stack, it can’t be said where to go from there because it is always going to be application dependent and there will be a near infinite number of ways to go about exploiting from there.
Those concepts are not the exact same but they are related. Function pointer overwrites, as well as return pointer overwrites, are possible because of buffer overflows.
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.