What is a canary, how does it work, and what does that mean if I want to write a modern exploit?
Canaries were once regularly used in coal mining as an early warning system. Toxic gases such as carbon monoxide or asphyxiant gases such as methane in the mine would kill the bird before affecting the miners. Signs of distress from the bird indicated to the miners that conditions were unsafe.

Let's start with some history

Oh, the good old days. I remember a time when hackthissite.org and Smash The Stack were fresh, and BOFs were often as easy as shoving your shellcode where the buffer was supposed to be and overwriting the return pointer with where that buffer was...

Then they had to go and ruin the fun by widely adopting ASLR (Address Space Layout Randomization), DEP (Data execution protection), and canaries (stack cookies). Now in these dark times not only do we have to ROP with return to libc, we have to chain that with a memory leak vulnerability if we have any hope of smashing the stack. While I plan to do posts soon covering all of these exciti