What you've learned

You should now know how to:

  • Analyze the stack frame layout to derive which field in user input overwrites the return address stored on the stack.
  • Build a basic end-to-end exploit by changing the return address to an attacker-controlled value.

Knowledge Check

The Arm AArch64 stack grows upwards.

The stack pointer must always be aligned to a 4-byte boundary.