Interactive x86-32 visualizations for understanding stack memory layout and buffer overflow attacks. Built for Boston University's EC521 course.
Step-by-step walkthrough of how the stack frame is set up and torn down during a function call. Based on a simple C program where main() calls inc(num).
Covers:
- Function prologue (
push ebp/mov ebp, esp/sub esp) - Local variable allocation and access via
[ebp - offset] - Argument passing via the stack (cdecl calling convention)
- The
callinstruction pushing the return address - Function epilogue (
leave/ret) restoring ESP, EBP, and EIP
Interactive demonstration of a stack-based buffer overflow using strcpy. Type input in real-time and watch it overflow from buffer[12] into adjacent stack memory.
Covers:
- Why
strcpyis dangerous (no bounds checking) - Overwriting adjacent local variables (
username) - Corrupting the saved frame pointer (EBP)
- Overwriting the return address for arbitrary code execution
- Supports
\xNNhex escape sequences in input (e.g.,\xef\xbe\xad\xde)
Open either HTML file directly in a browser. No build step, server, or dependencies required.
- Arrow keys or buttons to step through instructions
- Preset buttons to load example inputs
- Live mode (buffer overflow) updates the stack as you type