Processes & Memory
Quintin edited this page Sep 10, 2022 · 1 revision
You will want to get very familiar with representing values in their hex form. Most debuggers (such as GDB) and reverse engineering tools (like Ghidra) use this notation. Try the following in a Python shell:
```python
>>> hex(65)
'0x41'
>>> chr(0x41)
'A'
```
Most computers store variables in little-endian format. This can be counterintuitive at first. Consider a 4-byte integer: the least significant byte is stored first, at the lowest address. This is a landmine for many people new to security!
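The following is an added example, not part of the original page. It lays out a 4-byte integer byte by byte and shows why a string in memory looks reversed when a debugger displays it as 32-bit words. The value `0x41424344`, the base address `0x1000` and the function names are constructed for illustration.

```python
import struct


def memory_layout(value, base_addr, byteorder="little"):
    """Return [(address, byte), ...] for a 4-byte unsigned integer at base_addr."""
    raw = value.to_bytes(4, byteorder)
    return [(base_addr + i, b) for i, b in enumerate(raw)]


def words_from_dump(raw, byteorder="little"):
    """Interpret raw memory as 4-byte words, as a debugger's word view does."""
    if len(raw) % 4:
        raise ValueError("dump length must be a multiple of 4 bytes")
    prefix = "<" if byteorder == "little" else ">"
    return list(struct.unpack(prefix + "I" * (len(raw) // 4), raw))


if __name__ == "__main__":
    value = 0x41424344   # constructed sample value ('A','B','C','D' as bytes)
    base = 0x1000        # constructed address, for display only

    # Little-endian: the least significant byte (0x44) sits at the lowest address.
    for addr, b in memory_layout(value, base):
        print(f"{addr:#06x}: {b:#04x} ({chr(b)!r})")

    # The same integer as it would be laid out on a big-endian machine.
    print([hex(b) for _, b in memory_layout(value, base, "big")])

    # The landmine: the string "ABCD" is stored A, B, C, D at rising addresses,
    # but a little-endian word view of those bytes prints 0x44434241.
    print([hex(w) for w in words_from_dump(b"ABCDEFGH")])
```

When a debugger shows a word that looks like reversed ASCII, compare the word view against a byte-by-byte view of the same address before drawing conclusions.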
Notice how:
- The stack grows downwards and the heap grows upwards
- Each process has its own virtual memory starting from 0