Presentation is loading. Please wait.

Presentation is loading. Please wait.

Overflows Mark Shtern.

Published byRandolf Chase Modified over 7 years ago

Similar presentations

Presentation on theme: "Overflows Mark Shtern."— Presentation transcript:

1 Overflows Mark Shtern

2 Overflows Try a web search for “buffer overflow exploit”.
Check alt.2600, rootshell.com, antionline.com – you can find long lists of exploits based on buffer overflow, integer overflow Overflows are very popular security bugs Metasploit framework has large number of buffer overflow exploits

3 The Problem void foo(char *s) { char buf[10]; strcpy(buf,s); printf(“buf is %s\n”,s); } foo(“thisstringistoolongforfoo”);

4 Buffer Overflow Intent Steps Arbitrary code execution
Spawn a remote shell or infect with worm/virus Steps Inject attack code into buffer Redirect control flow to attack code Execute attack code

5 Vulnerable Code Example
#define MAX_BUF 256 void BadCode(char* input) { short len; char buf[MAX_BUF]; len = strlen(input); / / Is the following safe? if(len < MAX_BUF) strcpy(buf, input); }

6 Redemption steps Enable stack protection (compiler flag)
Enable catch signed overflow (compiler flag) Enable OS protection mechanisms (Randomize stack, Non-executable Stack and Heap) Use analysis tools (Archer, Boon, Splint, Uno, OleDbg, Spike, Brute Force Binary Tester)

7 Redemption steps Replace dangerous string functions
Audit memory allocations Check loops and array access Avoid low-level data manipulation Do not use tricks (if (a ^ b ^ c < 0) ....) Write out casts Use high level libraries (STL, SafeInt)

8 Metasploit Start metasploit () Identify exploit Select target
Select payload to execute Complete target identification and set options Exploit target

9 Overflow Simulation Find application vulnerability by reviewing the code Smash the application stack The program counter register must be modified with a value of your choice Use gdb to view the values of the registers Use: info registers

Download ppt "Overflows Mark Shtern."

Similar presentations

Buffer Overflows Nick Feamster CS 6262 Spring 2009 (credit to Vitaly S. from UT for slides)

Buffer Overflows Nick Feamster CS 6262 Spring 2009 (credit to Vitaly S. from UT for slides)
Smashing the Stack for Fun and Profit

Smashing the Stack for Fun and Profit
CSc 352 Programming Hygiene Saumya Debray Dept. of Computer Science The University of Arizona, Tucson

CSc 352 Programming Hygiene Saumya Debray Dept. of Computer Science The University of Arizona, Tucson
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 10: Buffer Overflow.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 10: Buffer Overflow.
Lecture 16 Buffer Overflow modified from slides of Lawrie Brown.

Lecture 16 Buffer Overflow modified from slides of Lawrie Brown.
Intro to Exploitation Stack Overflows James McFadyen UTD Computer Security Group 10/20/2011.

Intro to Exploitation Stack Overflows James McFadyen UTD Computer Security Group 10/20/2011.
1 CHAPTER 8 BUFFER OVERFLOW. 2 Introduction One of the more advanced attack techniques is the buffer overflow attack Buffer Overflows occurs when software.

1 CHAPTER 8 BUFFER OVERFLOW. 2 Introduction One of the more advanced attack techniques is the buffer overflow attack Buffer Overflows occurs when software.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.

Silberschatz, Galvin and Gagne  Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.
CMSC 414 Computer and Network Security Lecture 24 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 24 Jonathan Katz.
Gabe Kanzelmeyer CS 450 4/14/10.  What is buffer overflow?  How memory is processed and the stack  The threat  Stack overrun attack  Dangers  Prevention.

Gabe Kanzelmeyer CS 450 4/14/10.  What is buffer overflow?  How memory is processed and the stack  The threat  Stack overrun attack  Dangers  Prevention.
Buffer Overflow. Process Memory Organization.

Buffer Overflow. Process Memory Organization.
Netprog: Buffer Overflow1 Buffer Overflow Exploits Taken shamelessly from: netprog/overflow.ppt.

Netprog: Buffer Overflow1 Buffer Overflow Exploits Taken shamelessly from: netprog/overflow.ppt.
Control hijacking attacks Attacker’s goal: – Take over target machine (e.g. web server) Execute arbitrary code on target by hijacking application control.

Control hijacking attacks Attacker’s goal: – Take over target machine (e.g. web server) Execute arbitrary code on target by hijacking application control.
Lecture 16 Buffer Overflow

Lecture 16 Buffer Overflow
CAP6135: Malware and Software Vulnerability Analysis Buffer Overflow I: Attack Introduction Cliff Zou Spring 2012.

CAP6135: Malware and Software Vulnerability Analysis Buffer Overflow I: Attack Introduction Cliff Zou Spring 2012.
Buffer Overflow Attacks. Memory plays a key part in many computer system functions. It’s a critical component to many internal operations. From mother.

Buffer Overflow Attacks. Memory plays a key part in many computer system functions. It’s a critical component to many internal operations. From mother.
Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits Sandeep Bhatkar, Daniel C. DuVarney, and R. Sekar Stony Brook.

Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits Sandeep Bhatkar, Daniel C. DuVarney, and R. Sekar Stony Brook.
Software bugs (and security implications). Software security Code can have perfect design and algorithm, but still have implementation vulnerabilities.

Software bugs (and security implications). Software security Code can have perfect design and algorithm, but still have implementation vulnerabilities.
Security Exploiting Overflows. Introduction r See the following link for more info: operating-systems-and-applications-in-

Security Exploiting Overflows. Introduction r See the following link for more info: operating-systems-and-applications-in-
CAP6135: Malware and Software Vulnerability Analysis Buffer Overflow : Example of Using GDB to Check Stack Memory Cliff Zou Spring 2011.

CAP6135: Malware and Software Vulnerability Analysis Buffer Overflow : Example of Using GDB to Check Stack Memory Cliff Zou Spring 2011.

Similar presentations

Ads by Google