Author Topic: Buffer overflows  (Read 4445 times)

0 Members and 1 Guest are viewing this topic.

linux

  • Guest
Buffer overflows
« on: January 10, 2005, 10:11:48 pm »
Ever wondered what a buffer overflow is? well i was looking around and found some info..


http://www.linuxjournal.com/article/6701
http://destroy.net/machines/security/P49-14-Aleph-One

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Buffer overflows
« Reply #1 on: January 11, 2005, 07:33:20 am »
If anybody has any questions about buffer overflows (heap or stack), format string vulnerabilities, shellcode, etc., feel free to ask here.  I know all about that stuff in gory detail.  Or if you're really interested, "Hacking: The Art of Exploitation" by Jon Erickson is an amazing book.

linux

  • Guest
Re: Buffer overflows
« Reply #2 on: January 11, 2005, 05:45:26 pm »
hrm, ill look into the book...The art of deception is a good book :)

linux

  • Guest
Re: Buffer overflows
« Reply #3 on: January 11, 2005, 11:41:23 pm »
Wanna shed some insight on shellcode to a curious person :)

Offline Mythix

  • The Dude
  • x86
  • Hero Member
  • *****
  • Posts: 1569
  • Victory
    • View Profile
    • Dark-Wire
Re: Buffer overflows
« Reply #4 on: January 12, 2005, 12:51:58 am »
Philosophy, n. A route of many roads leading from nowhere to nothing.

- Ambrose Bierce


Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Buffer overflows
« Reply #5 on: January 12, 2005, 01:48:52 am »
Shellcode is some machine code which, when tricked into running, spawns a shell for you (which lets you enter arbitrary commands).  There are all sorts of ways to do it, like for example:

Compact shellcode -- least number of instructions
polymorphic shellcode -- rewrites itself to get around programs that recognize shellcode
visible-character (or even alphanumeric) shellcode -- all machine code instructions are made up of visible characters, or even alphanumeric.  That way if a field only permits a-zA-Z0-9, you can put your shellcode in anyway.

There are other sneaky ways to do it, but the main point is that you trick a program (using a stack overflow, heap overflow, format string vulnerability, etc.) into running the code.