Lunchtime Hackers Buffer Overflow Intro.

Some Memory Stuff to Understand

Stack – a segment of memory set aside for a program (kinda like scratch space)
Buffer – just a segment of contiguous memory (not broken up in pieces)
Big Endian – a method of byte ordering (longer history, common in mainframes)
    The hex string AB CD EF will be stored in memory as AB CD EF
Little Endian – a different method of byte order interpretation (your laptop does this)
    The hex string AB CD EF will be stored in memory as EF CD AB

Linux Permissions Refresher

If you look at Linux perms in the terminal, they'll look like this:

    -rwxrwxrwx <file info> <filename>

We're interested in the leftmost portion. It can be broken down into a few different parts:

    -      First portion: directory?
    rwx    Owner perms
    rwx    Group perms
    rwx    World perms

SUID-bit

Allows a program to run as another person (the file's owner)
Person usually has higher permissions than person running program
Allows lower permissioned person to do stuff they wouldn't normally be able to do
In a terminal will look like this:

    -r-s--x---

Instead of an 'x' in the owner's execute position, there is an 's'

The Code:

    #include <stdio.h>   /* printf, scanf */
    #include <stdlib.h>  /* system, exit */

    int main(){
        long val=0x41414141;    /* Set variable called val */
        char buf[20];           /* Set aside buffer of 20 bytes */

        /* Prints to standard out */
        printf("Correct val's value from 0x41414141 -> 0xdeadbeef!\n");
        printf("Here is your chance: ");

        /* Reads in 24 bytes (rather than 20 bytes); scanf also
           appends a terminating NUL after what it reads */
        scanf("%24s",&buf);

        printf("buf: %s\n",buf);
        printf("val: 0x%08x\n",val);

        /* If val = 0xDEADBEEF, program drops into a shell */
        if(val==0xdeadbeef)
            system("/bin/sh");
        else {
            printf("WAY OFF!!!!\n");
            exit(1);
        }

        return 0;
    }
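Why the field width has to match the buffer, as an added example (not code from the original slides): it models the frame as a struct and compares what a `%24s` read and a `%19s` read leave in val. The struct layout (val placed directly after buf), the names `struct frame`, `scan_width`, `val_after` and `SAMPLE`, and the 24-character input are assumptions made for illustration; a real compiler may lay out the stack differently.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model of the frame: val placed directly after buf (assumed layout). */
struct frame {
    char buf[20];
    uint32_t val;
    char next;                 /* byte after val; catches the NUL */
};
_Static_assert(offsetof(struct frame, val) == 20, "val must follow buf");

/* Constructed input: 24 'B' characters. */
static const char SAMPLE[] = "BBBBBBBBBBBB" "BBBBBBBBBBBB";

/* Stores what scanf("%<width>s") would store (leading-whitespace skipping
 * omitted): up to `width` non-space characters plus a terminating NUL,
 * with no knowledge of the real size of buf. Returns bytes written. */
size_t scan_width(struct frame *f, const char *in, size_t width)
{
    unsigned char *mem = (unsigned char *)f;
    size_t n = 0;
    if (width >= sizeof *f)    /* keep the write inside the model */
        return 0;
    while (n < width && in[n] != '\0' && !isspace((unsigned char)in[n])) {
        mem[n] = (unsigned char)in[n];
        n++;
    }
    mem[n] = '\0';
    return n + 1;
}

/* Value of val after reading `in` with the given field width. */
uint32_t val_after(const char *in, size_t width)
{
    struct frame f;
    memset(&f, 0, sizeof f);
    f.val = 0x41414141u;
    scan_width(&f, in, width);
    return f.val;
}

int main(void)
{
    size_t safe = sizeof(((struct frame *)0)->buf) - 1;   /* 19 */
    printf("%%24s: val = 0x%08x\n", (unsigned)val_after(SAMPLE, 24));
    printf("%%%zus: val = 0x%08x\n", safe, (unsigned)val_after(SAMPLE, safe));
    return 0;
}
```

The width given to `%s` counts characters only, so the largest safe value is the buffer size minus one for the terminating NUL.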