In a modern OS I think that:

  • the .text section, where binary assembled CPU instructions are stored, cannot be modified
  • the .data/.bss section is marked as no-execute, so that the information there will only be treated as data and will never be executed by the CPU

So how is it possible for an exploit containing a payload of binary assembled instructions to get execution?

emberfang

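A defender-side check of the premise stated in the question, added here as an example that is not part of the original post: it parses text in the `/proc/<pid>/maps` layout and counts mappings that are both writable and executable, which a W^X-enforcing OS should not normally hand to a process. The sample mapping lines are constructed; `count_wx_mappings` is an assumed helper name.

```c
#include <stdio.h>
#include <string.h>

/* Count mappings whose permission field is both writable and executable.
 * maps_text is in /proc/<pid>/maps format:
 *   "start-end perms offset dev inode path", one mapping per line. */
int count_wx_mappings(const char *maps_text) {
    int violations = 0;
    const char *line = maps_text;
    while (line && *line) {
        const char *nl = strchr(line, '\n');
        size_t len = nl ? (size_t)(nl - line) : strlen(line);
        /* the four-character permission field follows the first space, e.g. "r-xp" */
        const char *sp = memchr(line, ' ', len);
        if (sp && (size_t)(sp - line) + 4 <= len) {
            const char *perms = sp + 1;
            if (perms[1] == 'w' && perms[2] == 'x')
                violations++;
        }
        line = nl ? nl + 1 : NULL;
    }
    return violations;
}

/* Constructed sample: a read-only text segment, a non-executable data
 * segment, a non-executable stack, and one mapping that violates W^X. */
static const char *SAMPLE_MAPS =
    "00400000-00401000 r-xp 00000000 08:01 1234 /bin/demo\n"
    "00601000-00602000 rw-p 00001000 08:01 1234 /bin/demo\n"
    "7ffd0000-7ffd2000 rw-p 00000000 00:00 0    [stack]\n"
    "7f000000-7f001000 rwxp 00000000 00:00 0\n";

int main(void) {
    char buf[1 << 16];
    size_t n = 0;
    FILE *f = fopen("/proc/self/maps", "r"); /* Linux only; skipped elsewhere */
    if (f) {
        n = fread(buf, 1, sizeof buf - 1, f);
        fclose(f);
    }
    buf[n] = '\0';
    printf("sample: %d W+X mapping(s)\n", count_wx_mappings(SAMPLE_MAPS));
    if (n)
        printf("this process: %d W+X mapping(s)\n", count_wx_mappings(buf));
    return 0;
}
```

On a Linux host the second line reports the running process's own mappings, so a non-zero count points at a JIT, a loader quirk or a disabled NX policy worth investigating.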
2 Answers

The execution of the binary assembled instructions works by exploiting the vulnerability in the application program. For example, inserting malicious code into a PDF: if there is a flaw in the PDF software, the code from the data section can be executed.

Now coming to your question. As far as I know, after the 8086, Intel started employing 4 levels of protection. The inner level is for kernel-level processes and the outermost level is for user-level processes. There are separate stacks for both kinds of processes, but the memory space is shared. A user-level process (the caller) cannot directly perform a privileged task; it needs to call trusted code that does the work for the caller. But for the user-level process to call the trusted code, say to write a data item X, it should have the permission to do so (indirectly).

There are some exploits, commonly called Trojan horses, that allow the user-level process to use trusted code to do stuff it is actually not allowed to do.

So if the application program itself has vulnerabilities, combining that with such exploits can get the desired code into execution.

techno

You're basically right in your knowledge about binaries. But they're too abstract to be of any use. I am assuming you're speaking about all binaries, not only the kernel or OS-level apps...

In short, the .bss section (where user-provided input resides in memory) stores variables that are loaded into critical process registers (local processor variables) during runtime. Manipulating any of these stored variables, preferably through a stack-based overflow (where user input overflows memory and writes over one of the critical variables), would possibly lead to executing user-provided bytes (intended to be input) as processor instructions.

So, if you're careful with your input, you could make the computer do whatever you want (that was not part of the program's job). If you're careful with user-supplied input, you would curb an attacker's attempt to exploit your computer.

Mukesh Sai Kumar