Presentation is loading. Please wait.

Presentation is loading. Please wait.

What is exactly Exploit writing?  Writing a piece of code which is capable of exploit the vulnerability in the target software.

Published byBenedict Brooks Modified over 9 years ago

Similar presentations

Presentation on theme: "What is exactly Exploit writing?  Writing a piece of code which is capable of exploit the vulnerability in the target software."— Presentation transcript:

1

2 What is exactly Exploit writing?  Writing a piece of code which is capable of exploit the vulnerability in the target software.

3 What is the impact of Exploits?  Remote code execution : leads to running malicious application in victim’s system  Denial of Service attacks  …

4

5 What I am going to explain today…  Intro to Stack  Stack Buffer Overflow attack  Demo

6 Intro to Stack  A piece of the Process memory  Used for storing variables, function call,return address,…  Allocated by the OS, for each thread (when the thread is created). When the thread ends, the stack is cleared as well.  The size of the stack is defined when it gets created and doesn’t change  Increase to lower address( 0041008  0041004  0041002…)

7 void vulnfun(char *in) { char buf[10]; } int main(int argc,char *argv[]) { vulnfun(argv[1]); return 0; }

8 ................ Stack Pointer (ESP) Arguments for Main Function Return Address Local variables of Main Stack Frame for Main Arguments for VulnFun function ( argv[1] ) Save previous Base Pointer Stack Frame for Vulnfun Save previous Base Pointer Return Address Base Pointer (EBP) of main Base Pointer (EBP) of VulnFun 0xFFFFFFFF 0x00000000 Local Variable of VulnFun( buf) Stack Pointer (ESP)

9

10

11 Stack Buffer Overflow  Result of giving Input that is longer than the memory allocated for the variable  For instance, “Char a[10]” can store 10 characters. If you try to enter more than 10 characters that results in overflow

12 ................ Stack Pointer (ESP) Arguments for Main Function Return Address Local variables of Main AAAAAAA Arguments for VulnFun function ( argv[1] ) AAAAAAA Save previous Base Pointer Return Address Base Pointer (EBP) of main Base Pointer (EBP) of VulnFun Local variable “buf” Saved Base pointer overwritten

13 ................ Stack Pointer (ESP) Arguments for Main Function Return Address Local variables of Main AAAAAAA Arguments for VulnFun function ( argv[1] ) AAAAAAA Save previous Base Pointer 0x004012C9 Base Pointer (EBP) of Main Base Pointer (EBP) of VulnFun Local variable “buf” Saved Base pointer overwritten Return Address modified by exploiting the overflow

14 Thank You

Download ppt "What is exactly Exploit writing?  Writing a piece of code which is capable of exploit the vulnerability in the target software."

Similar presentations

Buffer Overflows Nick Feamster CS 6262 Spring 2009 (credit to Vitaly S. from UT for slides)

Buffer Overflows Nick Feamster CS 6262 Spring 2009 (credit to Vitaly S. from UT for slides)
Recitation 4 Outline Buffer overflow –Practical skills for Lab 3 Code optimization –Strength reduction –Common sub-expression –Loop unrolling Reminders.

Recitation 4 Outline Buffer overflow –Practical skills for Lab 3 Code optimization –Strength reduction –Common sub-expression –Loop unrolling Reminders.
Introduction to Memory Management. 2 General Structure of Run-Time Memory.

Introduction to Memory Management. 2 General Structure of Run-Time Memory.
Exploring Security Vulnerabilities by Exploiting Buffer Overflow using the MIPS ISA Andrew T. Phillips Jack S. E. Tan Department of Computer Science University.

Exploring Security Vulnerabilities by Exploiting Buffer Overflow using the MIPS ISA Andrew T. Phillips Jack S. E. Tan Department of Computer Science University.
Review: Software Security David Brumley Carnegie Mellon University.

Review: Software Security David Brumley Carnegie Mellon University.
Stack-Based Buffer Overflows Attacker – Can take over a system remotely across a network. local malicious users – To elevate their privileges and gain.

Stack-Based Buffer Overflows Attacker – Can take over a system remotely across a network. local malicious users – To elevate their privileges and gain.
Gabe Kanzelmeyer CS 450 4/14/10.  What is buffer overflow?  How memory is processed and the stack  The threat  Stack overrun attack  Dangers  Prevention.

Gabe Kanzelmeyer CS 450 4/14/10.  What is buffer overflow?  How memory is processed and the stack  The threat  Stack overrun attack  Dangers  Prevention.
Stack buffer overflow.

Stack buffer overflow.
Stack buffer overflow http://en.wikipedia.org/wiki/Stack_buffer_overflow.

Stack buffer overflow
Security Protection and Checking in Embedded System Integration Against Buffer Overflow Attacks Zili Shao, Chun Xue, Qingfeng Zhuge, Edwin H.-M. Sha International.

Security Protection and Checking in Embedded System Integration Against Buffer Overflow Attacks Zili Shao, Chun Xue, Qingfeng Zhuge, Edwin H.-M. Sha International.
Windows XP SP2 Stack Protection Jimmy Hermansson Johan Tibell.

Windows XP SP2 Stack Protection Jimmy Hermansson Johan Tibell.
Applications Complex applications must: run for weeks or months properly release resources to avoid waste cope with outrageously malicious user input recover.

Applications Complex applications must: run for weeks or months properly release resources to avoid waste cope with outrageously malicious user input recover.
Computer Security Buffer Overflow lab Eu-Jin Goh.

Computer Security Buffer Overflow lab Eu-Jin Goh.
September 22, 2014 Pengju (Jimmy) Jin Section E

September 22, 2014 Pengju (Jimmy) Jin Section E
CMSC 414 Computer and Network Security Lecture 20 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 20 Jonathan Katz.
Command line arguments. – main can take two arguments conventionally called argc and argv. – Information regarding command line arguments are passed to.

Command line arguments. – main can take two arguments conventionally called argc and argv. – Information regarding command line arguments are passed to.
University of Washington CSE 351 : The Hardware/Software Interface Section 5 Structs as parameters, buffer overflows, and lab 3.

University of Washington CSE 351 : The Hardware/Software Interface Section 5 Structs as parameters, buffer overflows, and lab 3.
Security Exploiting Overflows. Introduction r See the following link for more info: operating-systems-and-applications-in-

Security Exploiting Overflows. Introduction r See the following link for more info: operating-systems-and-applications-in-
CAP6135: Malware and Software Vulnerability Analysis Buffer Overflow : Example of Using GDB to Check Stack Memory Cliff Zou Spring 2011.

CAP6135: Malware and Software Vulnerability Analysis Buffer Overflow : Example of Using GDB to Check Stack Memory Cliff Zou Spring 2011.
Assembly, Stacks, and Registers Kevin C. Su 9/26/2011.

Assembly, Stacks, and Registers Kevin C. Su 9/26/2011.

Similar presentations

Ads by Google