I've seen countless tutorials on hacking telling you that all you need to do is find the memory address of a variable and edit it, the problem is, they never explain how to do it. I'm not one for blackhat hacking and am only interested in making sure that my programs are as secure as possible but it's quite a hassle for me. I'm not sure whether finding the memory addresses is language/os specific so I'm kneeling on one knee with this question. Thanks
Asked
Active
Viewed 989 times
0
-
2This isn't how "hacking" works, at all. That sounds more like cheating in games than anything security related. – Polynomial Oct 27 '16 at 10:46
-
@Polynomial It was for programs with logins – Rob Dawson Oct 27 '16 at 10:48
-
editing the "username" and "password" variables, though it specifically said they had to be called that. Do variables names affect memory addresses – Rob Dawson Oct 27 '16 at 10:49
-
What would they get out of that, though? They'd need to be executing malware at the same privilege level as your program, or higher, at which point reading or writing your process memory is redundant. – Polynomial Oct 27 '16 at 10:58
-
First you run the software locally and use a debugger to find the memory locations. You craft your attack using these locations. You then fire this attack at a remote system and hope the locations are the same. These days there are many anti-exploitation defences (like ALSR) and also smarter attacking techniques to get around them. – paj28 Oct 27 '16 at 11:19
1 Answers
0
Start the program and use a debugger to find the memory locations. You base your hack around these locations. You then use this hack on a remote system and hope the locations are the same. There are many anti-exploitation defences though, so be careful, but there are also better hacking techniques to get around them. Hope this was helpful.
MountainSide Studios
- 180
- 1
- 1
- 6