ABSTRACT

This chapter explores the process of developing a simple stack-based overflow exploit on Windows; there is a lot more to exploit development, but this is a good place to start. It focuses on stack-based overflows, which are one class of buffer overflow. The idea behind a buffer overflow is very simple: the hacker supplies more input data than the program's buffer can hold, so the program crashes and adjacent memory locations are corrupted. To test for buffer overflows, the hacker first needs an application that is already vulnerable. When the source code is available, buffer overflows are easy to find through a source code review. The methodology the hacker follows for creating a simple stack-based overflow exploit therefore begins with a fuzzer: a tool that sends data of various sizes to the application and waits for it to crash.
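The overflow idea described above, shown in C as an added example (not the chapter's own code): an unsafe fixed-size input handler beside its bounds-checked form, driven with inputs of increasing size the way the chapter's fuzzer would vary them. `BUF_SIZE`, the function names and the 'A'-filled inputs are assumptions constructed for the example.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16  /* assumed buffer size for the example */

/* Unsafe pattern the chapter describes: strcpy copies until the NUL byte
   regardless of the destination size, so any input of BUF_SIZE bytes or
   more overwrites the stack memory adjacent to buf (saved frame pointer,
   return address). This is what a source code review looks for. */
int handle_input_unsafe(const char *input) {
    char buf[BUF_SIZE];
    strcpy(buf, input);              /* no bounds check */
    return (int)strlen(buf);
}

/* Hardened form: measure first, refuse anything that does not fit, and
   copy with an explicit length so buf is always NUL-terminated.
   Returns the number of bytes accepted, or -1 when the input is rejected. */
int handle_input_safe(const char *input) {
    char buf[BUF_SIZE];
    size_t len = strlen(input);
    if (len >= BUF_SIZE) {
        return -1;                   /* would overflow: reject, do not truncate silently */
    }
    memcpy(buf, input, len + 1);     /* len + 1 includes the terminator; fits by the check */
    return (int)len;
}

/* Stand-alone driver: feed constructed inputs of growing size to the safe
   handler, as a fuzzer would, and report where it starts rejecting them. */
int main(void) {
    char pattern[128];
    for (size_t n = 4; n <= 64; n *= 2) {
        memset(pattern, 'A', n);     /* constructed input of n bytes */
        pattern[n] = '\0';
        printf("input of %zu bytes -> safe handler returns %d\n",
               n, handle_input_safe(pattern));
    }
    return 0;
}
```

On this build the safe handler accepts 4 and 8 bytes and returns -1 from 16 bytes on; the unsafe handler has no such boundary, which is the crash the chapter's fuzzer is waiting for.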