Presentation is loading. Please wait.

Presentation is loading. Please wait.

How to Use BO Demos. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. How to Use Buffer Overflow Demos (applets)

Published byMarilyn Kelley Modified over 9 years ago

Similar presentations

Presentation on theme: "How to Use BO Demos. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. How to Use Buffer Overflow Demos (applets)"— Presentation transcript:

1 How to Use BO Demos. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. http://sfsecurity.pr.erau.edu How to Use Buffer Overflow Demos (applets) Author: Jedidiah R. Crandall, crandaj@erau.edu This Document was Funded by the National Science Foundation Federal Cyber Service Scholarship For Service Program: Grant No. 0113627 Distributed July 2002 Embry-Riddle Aeronautical University Prescott, Arizona USA

2 How to Use BO Demos. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. http://sfsecurity.pr.erau.edu

3 1 - buttons Click “Step Forward” to execute one line of the program. Click “Reset” to start over. “Play,” “Stop,” and “Step Back” are disabled in this version of the applet.

4 How to Use BO Demos. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. http://sfsecurity.pr.erau.edu 2 – input text box The input text box is enabled whenever a gets() function is being executed (library functions are not treated as separate subroutines in this applet). When it is enabled you may activate it and give input to the program by typing into the input box. The text box will ignore all non-alphabetic characters (‘1’, ‘?’, ‘~’, etc.) and will covert all lower case characters to upper case before passing the input on to the program.

5 How to Use BO Demos. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. http://sfsecurity.pr.erau.edu 3 – source code This is the C source code for the program that is being executed. You should understand several things even if you are not a C programmer: 1. PasswordOkay() will call the PasswordOkay() subroutine, 2. gets() reads a string from the user and puts() prints a string, 3. strcmp() compares two strings to see if they are the same, and 4. A statement like char A[5] = “HELLO” will allocate a five byte buffer called A and initialize it to “HELLO”. char Num = ‘R’ allocates one byte called Num and sets it equal to ‘R’.

6 How to Use BO Demos. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. http://sfsecurity.pr.erau.edu 4 – highlighted line The highlighted line of code is the one currently being executed. This lets you watch the path that the program execution takes.

7 How to Use BO Demos. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. http://sfsecurity.pr.erau.edu 5 – more source code Notice that the source code for different subroutines is also different colors. Also notice how an if statement looks: if (something is true) do one thing; else do something else;

8 How to Use BO Demos. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. http://sfsecurity.pr.erau.edu 6 – notes Every line of source code has a note that is shown on the bottom of the screen as it is executed. These notes might be hints or explanations of what is going on.

9 How to Use BO Demos. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. http://sfsecurity.pr.erau.edu 7- I/O area The Input/Output area is much like the terminal of a DOS or UNIX machine. The program can print things out for you to see and it can ask you to type things in (using the input text box) for it to store. Remember that you have to activate the input text box by clicking on it to give the program any input, and that you can only do this when the input text box is enabled during a gets() statement.

10 How to Use BO Demos. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. http://sfsecurity.pr.erau.edu 8 – memory There are 256 bytes of memory. Memory is laid out in hexadecimal notation (0x??) from left to right, top to bottom like you would read a book. 0x00 is the the first byte in memory, 0xFF is the last. 0xC9 is the ‘$’. It’s just like looking something up in a table.

11 How to Use BO Demos. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. http://sfsecurity.pr.erau.edu 9 – code text Code text is the program compiled into a format that the computer can understand. It is just a series of numbers like anything else in memory, except that each number represents a unique computer instruction. Note that a ‘*’ will show the current position of the program counter (how the computer keeps track of where it is) and an ‘X’ will be placed over an instruction to signify that that instruction called another subroutine and will be returned to. The color of the C code for a subroutine is the same as the color of the code text for that subroutine in memory.

12 How to Use BO Demos. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. http://sfsecurity.pr.erau.edu 10 - stack The stack stores return pointers, temporary variables and buffers, and sometimes other things. When something stored on the stack is no longer needed it is destroyed. You can watch the stack be built and destroyed as you execute the program. Notice that a ‘$’ is a return pointer to the subroutine with the same color as the box the ‘$’ is in. A ‘?’ is a canary which only StackGuard uses.

13 How to Use BO Demos. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. http://sfsecurity.pr.erau.edu Glossary Execute – To execute the program means to “run” it. The two terms can be used interchangeably. Source code – this is the code that the programmer writes in a high-level language like Java, BASIC, or, in this case, C. A high-level language is one that humans can easily read and understand. Terminal – A terminal is a combination of a screen and a keyboard where the user of a program can type input into the program and receive output back. Memory – Memory is where the computer stores the code text for a program, the variables, the stack, and everything else that the program needs. Hexadecimal – The decimal system uses a base of 10, where 2863 has a 2 in the 1000’s place, an 8 in the 100’s place, a 6 in the 10’s place, and a 3 in the 1’s place. Hexadecimal uses 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, F instead of just 0 through 9, where A = 10, B = 11 … F = 15. The base of hexadecimal is 16, so it has a 1’s place, a 16’s place, a 256’s place, a 4096’s place, etc. 0 through 255 can be represented in hexadecimal as 0x00 through 0xFF. 0x?? is a common convention for distinguishing hexadecimal numbers from decimal numbers. Compiled – A compiler takes the source code a programmer has written and turns it into code text that a computer can easily execute. Code text is a sequence of instructions. Instruction – An instruction tells the computer what to do, but it is very low-level. Unlike source code, it works at the computer level telling the computer what elementary steps to take to execute the program. Program counter – The instructions are stored as a sequence of numbers in the computer just like anything else. The computer usually executes one instruction after another unless it is told to jump somewhere else. The program counter keeps track of what instruction in memory is being executed at any given time. Jump – A jump occurs when the computer is told to start executing instructions somewhere else besides the next instruction after the current one being executed. Canary – A canary is put in memory and if it is overwritten then something is wrong. It is analogous to the canaries used in coal mines to detect poisonous gas.

14 How to Use BO Demos. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. http://sfsecurity.pr.erau.edu About this Project This presentation is part of a larger package of materials on buffer overflow vulnerabilities, defenses, and software practices. For more information, go to: http://nsfsecurity.pr.erau.eduhttp://nsfsecurity.pr.erau.edu Also available are: –Demonstrations of how buffer overflows occur (Java applets) –PowerPoint lecture-style presentations on an introduction to buffer overflows, preventing buffer overflows (for C programmers), and a case study of Code Red –Checklists and Points to Remember for C Programmers –An interactive module and quiz set with alternative paths for journalists/analysts and IT managers as well as programmers and testers –A scavenger hunt on implications of the buffer overflow vulnerability Please complete a feedback form at http://nsfsecurity.pr.erau.edu/feedback.html to tell us how you used this material and to offer suggestions for improvements.http://nsfsecurity.pr.erau.edu/feedback.html

Download ppt "How to Use BO Demos. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. How to Use Buffer Overflow Demos (applets)"

Similar presentations

What is a pointer? First of all, it is a variable, just like other variables you studied So it has type, storage etc. Difference: it can only store the.

What is a pointer? First of all, it is a variable, just like other variables you studied So it has type, storage etc. Difference: it can only store the.
CS0007: Introduction to Computer Programming Console Output, Variables, Literals, and Introduction to Type.

CS0007: Introduction to Computer Programming Console Output, Variables, Literals, and Introduction to Type.
Buffer Overflow Intro. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. Preventing Buffer Overflows (for C programmers)

Buffer Overflow Intro. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. Preventing Buffer Overflows (for C programmers)
Buffer Overflow Causes. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. Buffer Overflow Causes Author: Jedidiah.

Buffer Overflow Causes. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. Buffer Overflow Causes Author: Jedidiah.
Algorithms Series of mathematical or variable manipulations Integer a,b,c a = 12 b = 22 c = a * b (what is c?) 12 * 22 = 264.

Algorithms Series of mathematical or variable manipulations Integer a,b,c a = 12 b = 22 c = a * b (what is c?) 12 * 22 = 264.
Software and Software Vulnerabilities. Synopsis Array overflows Stack overflows String problems Pointer clobbering. Dynamic memory management Integer.

Software and Software Vulnerabilities. Synopsis Array overflows Stack overflows String problems Pointer clobbering. Dynamic memory management Integer.
1 Key Concepts:  Why C?  Life Cycle Of a C program,  What is a computer program?  A program statement?  Basic parts of a C program,  Printf() function?

1 Key Concepts:  Why C?  Life Cycle Of a C program,  What is a computer program?  A program statement?  Basic parts of a C program,  Printf() function?
CS31: Introduction to Computer Science I Discussion 1A 4/2/2010 Sungwon Yang

CS31: Introduction to Computer Science I Discussion 1A 4/2/2010 Sungwon Yang
Software Engineering Lifecycle. ©2002. Jan G. Hogle, Susan L. Gerhart. Software Engineering Lifecycle Authors: Jan G. Hogle,

Software Engineering Lifecycle. ©2002. Jan G. Hogle, Susan L. Gerhart. Software Engineering Lifecycle Authors: Jan G. Hogle,
Guide To UNIX Using Linux Third Edition

Guide To UNIX Using Linux Third Edition
Starting Out with C++: Early Objects 5/e © 2006 Pearson Education. All Rights Reserved Starting Out with C++: Early Objects 5 th Edition Chapter 1 Introduction.

Starting Out with C++: Early Objects 5/e © 2006 Pearson Education. All Rights Reserved Starting Out with C++: Early Objects 5 th Edition Chapter 1 Introduction.
C Programmer Quiz. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. Quiz: For C Programmers Author: Jedidiah.

C Programmer Quiz. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. Quiz: For C Programmers Author: Jedidiah.
Python. What is Python? A programming language we can use to communicate with the computer and solve problems We give the computer instructions that it.

Python. What is Python? A programming language we can use to communicate with the computer and solve problems We give the computer instructions that it.
Alternate Version of STARTING OUT WITH C++ 4 th Edition Chapter 1 Introduction to Computers and Programming.

Alternate Version of STARTING OUT WITH C++ 4 th Edition Chapter 1 Introduction to Computers and Programming.
1 - buttons Click “Step Forward” to execute one line of the program. Click “Reset” to start over. “Play,” “Stop,” and “Step Back” are disabled in this.

1 - buttons Click “Step Forward” to execute one line of the program. Click “Reset” to start over. “Play,” “Stop,” and “Step Back” are disabled in this.
1 Chapter One A First Program Using C#. 2 Objectives Learn about programming tasks Learn object-oriented programming concepts Learn about the C# programming.

1 Chapter One A First Program Using C#. 2 Objectives Learn about programming tasks Learn object-oriented programming concepts Learn about the C# programming.
CSC 125 Introduction to C++ Programming Chapter 1 Introduction to Computers and Programming.

CSC 125 Introduction to C++ Programming Chapter 1 Introduction to Computers and Programming.
A First Program Using C#

A First Program Using C#
Buffer Overflow Defenses. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. Buffer Overflow Defenses Author:

Buffer Overflow Defenses. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. Buffer Overflow Defenses Author:
Copyright © 2012 Pearson Education, Inc. Chapter 1: Introduction to Computers and Programming.

Copyright © 2012 Pearson Education, Inc. Chapter 1: Introduction to Computers and Programming.

Similar presentations

Ads by Google