Hiii all...
Welcome to Hacker Tips - The place where you master the skills behind hacking.
In this post we are going to learn how to exploit C programs with buffer overflow vulnerabilities.
Buffer Overflows
Most internet worms use buffer overflow vulnerabilities to break into software. Even the zero-day VML vulnerability in Internet Explorer is due to a buffer overflow.
The C programming language expects the programmer to be intelligent. It assumes that the programmer is responsible for every single instruction it is programmed to execute. If the programmer is not careful, C does not care and just follows the instructions blindly. This sometimes results in memory leaks and buffer overflows.
This means that once a variable is allocated on the stack, there is no guarantee that its memory stays safe. There are no safeguards to ensure that the contents of the variable fit into the allocated memory. If the programmer stores 'n' bytes of data in a variable that is allocated only 'd' bytes, where d < n, then the remaining 'n-d' bytes overflow into the variable that comes after it, and that second variable is overwritten.
If there is no variable beside the variable that overflows, the program ends in a segmentation fault.
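The overflow into the neighbouring variable described above, shown beside a bounds-checked store, as an added example that is not code from the original post. The two variables are modelled as adjacent fields of a constructed struct so the layout is fixed, and the names frame, store_unchecked and store_checked are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define D 8  /* bytes allocated to the first variable ('d' in the text) */

/* Constructed layout: two variables that sit next to each other in memory. */
struct frame {
    char first[D];   /* the variable being written */
    char second[D];  /* the variable that comes after it */
};

/* Unchecked store: copies n bytes starting at 'first' with no check against D.
   Returns how many bytes landed in 'second' (n - d when n > d). The copy is
   capped at sizeof *f only so the demo never writes outside the struct. */
size_t store_unchecked(struct frame *f, const char *src, size_t n)
{
    if (n > sizeof *f)
        n = sizeof *f;
    memcpy((unsigned char *)f, src, n);
    return n > D ? n - D : 0;
}

/* Checked store: refuses input that does not fit in 'first'. */
int store_checked(struct frame *f, const char *src, size_t n)
{
    if (n > sizeof f->first)
        return -1;               /* reject instead of overflowing */
    memcpy(f->first, src, n);
    return 0;
}

int main(void)
{
    struct frame f;
    memset(&f, 0, sizeof f);
    memcpy(f.second, "SAFE", 5);
    const char input[] = "AAAAAAAABBBB";   /* constructed: n = 12, d = 8 */
    size_t spilled = store_unchecked(&f, input, 12);
    printf("spilled %zu bytes, second = %.4s\n", spilled, f.second);
    return 0;
}
```

With n = 12 and d = 8, the unchecked store leaves the last 4 input bytes in the second variable, while the checked store rejects the same input and leaves the second variable untouched.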
We'll discuss segmentation faults in detail in the next post.