Add to collection(s) Add to saved
  1. No category

Buffer Overflow Slides

advertisement 
Simple Buffer Overflow Example
Dan Fleck
Reference: http://www.thegeekstuff.com/2013/06/buffer-­‐overflow/ 1
Coming up: B uffer Overflows
Buffer Overflows
• Buffer overflows occur when some sized portion of memory is overwritten with something bigger.
• For example:
• char buff[10]; // Min index is 0, max index is ????
• Overflow:
• buff[10] =‘d’;
2
Coming up: Why care?
Why care?
• Minimally buffer overflows can cause program crashes or unexpected results
• char *ptr = (char *) malloc (10); // Allocate 10 bytes on heap
ptr[10] = ‘d’ ; // Crash!
• However because buffer overflows corrupt memory nearby the variable being over-­‐filled, an informed hacker can use this to write data into other protected areas of the program (i.e. stack and heap)
• char buff[10] = {0};
strcpy(buff, “Lets overflow that buffer!”); // overflow!
Coming up: An attack
3
An attack
int main(void) {
// Use a struct to force local variable m emory ordering
struct {
char buff[16];
char pass;
} localinfo;
localinfo.pass = 0;
printf("\n Enter the password : \ n");
gets(localinfo.buff); / / G et the password from the user
if(strcmp(localinfo.buff, "thegeekstuff")) { / / Check the password
printf ("\n Wrong Password \ n");
} else {
printf ("\n Correct Password \ n");
localinfo.pass = 1; / / S et a flag denoting correct pass
}
if(localinfo.pass) { / * Now G ive root or admin rights to user*/
printf ("\n R oot privileges given to the user \n");
}
4
return 0;
}
Coming up: Lets look inside…
Lets test it!
Lets look inside…
• GDB is a common debugger for C programs.
• gcc –g –O0 –fno-­‐stack-­‐protector myFile.c
• -­‐g option enables debug symbols and thus debugging
• -­‐fno-­‐stack-­‐protector disables StackGuard protection
• -­‐O0 turns off optimization (makes debugging easier)
• DDD is a graphical front-­‐end to GDB. Typically GDB is used from a command line interface
5
Coming up: Lessons
Lessons
• Buffer overflows occur when memory bounds of a variable are exceeded
• They can occur on the heap or the stack
• Buffer overflows have unintended consequences.
• There are protections against unsafe operations however they may not always be used (or known)
35
6
Coming up: R eferences
References
• http://blog.zynamics.com/2010/03/12/a-­‐gentle-­‐introduction-­‐
to-­‐return-­‐oriented-­‐programming/
• http://cseweb.ucsd.edu/~hovav/dist/geometry.pdf
• Stealth: http://www.suse.de/~krahmer/no-­‐nx.pdf
• Nergel, http://www.phrack.com/issues.html?issue=58&id=4#article
• http://cseweb.ucsd.edu/~hovav/dist/rop.pdf
36
7
End of presentation
Related documents
slides
slides
H.264 Rate Control
H.264 Rate Control
Messages
Messages
Final Exam - Topic Outline
Final Exam - Topic Outline
Labs and Exercises using the Buffer Overflow Module materials
Labs and Exercises using the Buffer Overflow Module materials
overflow flowing
overflow flowing
Honors Chem- Buffers Worksheet
Honors Chem- Buffers Worksheet
n0161
n0161
buffer-overflow-cs2-java
buffer-overflow-cs2-java
Smashing the Stack for Fun and Profit
Smashing the Stack for Fun and Profit
Computer Security and Penetration Testing Chapter 12 Buffer
Computer Security and Penetration Testing Chapter 12 Buffer
LECTURE 12 Names, Scopes, and Bindings
LECTURE 12 Names, Scopes, and Bindings
Download
advertisement