Presentation is loading. Please wait.

Presentation is loading. Please wait.

Simple Buffer Overflow Example Dan Fleck CS469 Security Engineering Reference: Coming up: Buffer Overflows.

Published byMarlene Davidson Modified over 8 years ago

Similar presentations

Presentation on theme: "Simple Buffer Overflow Example Dan Fleck CS469 Security Engineering Reference: Coming up: Buffer Overflows."— Presentation transcript:

1 Simple Buffer Overflow Example Dan Fleck CS469 Security Engineering Reference: http://www.thegeekstuff.com/2013/06/buffer-overflow/ Coming up: Buffer Overflows 1111

2 Buffer Overflows Buffer overflows occur when some sized portion of memory is overwritten with something bigger. For example: char buff[10]; // Min index is 0, max index is ???? Overflow: buff[10] =‘d’; Coming up: Why care? 22

3 Why care? Minimally buffer overflows can cause program crashes or unexpected results char *ptr = (char *) malloc (10); // Allocate 10 bytes on heap ptr[10] = ‘d’ ; // Crash! However because buffer overflows corrupt memory nearby the variable being over-filled, an informed hacker can use this to write data into other protected areas of the program (i.e. stack and heap) char buff[10] = {0}; strcpy(buff, “Lets overflow that buffer!”); // Stack overflow! Coming up: An attack 33

4 An attack int main(void) { char buff[15]; int pass = 0; printf("\n Enter the password : \n"); gets(buff); // Get the password from the user if(strcmp(buff, "thegeekstuff")) { // Check the password printf ("\n Wrong Password \n"); } else { printf ("\n Correct Password \n"); pass = 1; // Set a flag denoting correct pass } if(pass) { /* Now Give root or admin rights to user*/ printf ("\n Root privileges given to the user \n"); } return 0; } Lets test it! Coming up: Lets look inside… 44

5 Lets look inside… GDB is a common debugger for C programs. gcc –g myFile.c // -g option enables debug symbols and thus debugging DDD is a graphical front-end to GDB. Typically GDB is used from a command line interface Coming up: Lessons 55

6 Lessons Buffer overflows occur when memory bounds of a variable are exceeded They can occur on the heap or the stack Buffer overflows have unintended consequences. There are protections against unsafe operations however they may not always be used (or known) Coming up: References 35 66

7 References http://blog.zynamics.com/2010/03/12/a-gentle-introduction- to-return-oriented-programming/ http://blog.zynamics.com/2010/03/12/a-gentle-introduction- to-return-oriented-programming/ http://cseweb.ucsd.edu/~hovav/dist/geometry.pdf Stealth: http://www.suse.de/~krahmer/no-nx.pdfhttp://www.suse.de/~krahmer/no-nx.pdf Nergel, http://www.phrack.com/issues.html?issue=58&id=4#article http://www.phrack.com/issues.html?issue=58&id=4#article http://cseweb.ucsd.edu/~hovav/dist/rop.pdf End of presentation 36 77

Download ppt "Simple Buffer Overflow Example Dan Fleck CS469 Security Engineering Reference: Coming up: Buffer Overflows."

Similar presentations

Buffer Overflows Nick Feamster CS 6262 Spring 2009 (credit to Vitaly S. from UT for slides)

Buffer Overflows Nick Feamster CS 6262 Spring 2009 (credit to Vitaly S. from UT for slides)
Recitation By yzhuang, sseshadr. Agenda Debugging practices – GDB – Valgrind – Strace Errors and Wrappers – System call return values and wrappers – Uninitialization.

Recitation By yzhuang, sseshadr. Agenda Debugging practices – GDB – Valgrind – Strace Errors and Wrappers – System call return values and wrappers – Uninitialization.
Buffer Overflow Prabhaker Mateti Wright State University.

Buffer Overflow Prabhaker Mateti Wright State University.
Smashing the Stack for Fun and Profit

Smashing the Stack for Fun and Profit
CS 450 Module R1. R1 Introduction In Module R1, you will implement a user interface (command handler). There are a couple of options: ▫Command Line: interface.

CS 450 Module R1. R1 Introduction In Module R1, you will implement a user interface (command handler). There are a couple of options: ▫Command Line: interface.
Integrity & Malware Dan Fleck CS469 Security Engineering Some of the slides are modified with permission from Quan Jia. Coming up: Integrity – Who Cares?

Integrity & Malware Dan Fleck CS469 Security Engineering Some of the slides are modified with permission from Quan Jia. Coming up: Integrity – Who Cares?
Unions The storage referenced by a union variable can hold data of different types subject to the restriction that at any one time, the storage holds data.

Unions The storage referenced by a union variable can hold data of different types subject to the restriction that at any one time, the storage holds data.
CSc 352 Programming Hygiene Saumya Debray Dept. of Computer Science The University of Arizona, Tucson

CSc 352 Programming Hygiene Saumya Debray Dept. of Computer Science The University of Arizona, Tucson
Pointer, malloc and realloc 1. Name entered was 6 char, not enough space to put null terminator 2 Array of char.

Pointer, malloc and realloc 1. Name entered was 6 char, not enough space to put null terminator 2 Array of char.
Breno de MedeirosFlorida State University Fall 2005 Buffer overflow and stack smashing attacks Principles of application software security.

Breno de MedeirosFlorida State University Fall 2005 Buffer overflow and stack smashing attacks Principles of application software security.
Buffer Overflows By Tim Peterson Joel Miller Dan Block.

Buffer Overflows By Tim Peterson Joel Miller Dan Block.
1 CHAPTER 8 BUFFER OVERFLOW. 2 Introduction One of the more advanced attack techniques is the buffer overflow attack Buffer Overflows occurs when software.

1 CHAPTER 8 BUFFER OVERFLOW. 2 Introduction One of the more advanced attack techniques is the buffer overflow attack Buffer Overflows occurs when software.
Stack-Based Buffer Overflows Attacker – Can take over a system remotely across a network. local malicious users – To elevate their privileges and gain.

Stack-Based Buffer Overflows Attacker – Can take over a system remotely across a network. local malicious users – To elevate their privileges and gain.
Stack buffer overflow http://en.wikipedia.org/wiki/Stack_buffer_overflow.

Stack buffer overflow
CSE 451 Section Autumn 2005 Richard Dunn Office hours: WTh 3:30-4:20 Allen 216 (or lab)

CSE 451 Section Autumn 2005 Richard Dunn Office hours: WTh 3:30-4:20 Allen 216 (or lab)
CMSC 104, Version 8/061L22Arrays1.ppt Arrays, Part 1 of 2 Topics Definition of a Data Structure Definition of an Array Array Declaration, Initialization,

CMSC 104, Version 8/061L22Arrays1.ppt Arrays, Part 1 of 2 Topics Definition of a Data Structure Definition of an Array Array Declaration, Initialization,
Overview Working directly with memory locations is beneficial. In C, pointers allow you to: change values passed as arguments to functions work directly.

Overview Working directly with memory locations is beneficial. In C, pointers allow you to: change values passed as arguments to functions work directly.
University of Washington CSE 351 : The Hardware/Software Interface Section 5 Structs as parameters, buffer overflows, and lab 3.

University of Washington CSE 351 : The Hardware/Software Interface Section 5 Structs as parameters, buffer overflows, and lab 3.
Debugging Print And Imaging Drivers. Print driver team philosophy on driver quality There are tools to detect violations Wrongful development assumptions.

Debugging Print And Imaging Drivers. Print driver team philosophy on driver quality There are tools to detect violations Wrongful development assumptions.
Security Exploiting Overflows. Introduction r See the following link for more info: operating-systems-and-applications-in-

Security Exploiting Overflows. Introduction r See the following link for more info: operating-systems-and-applications-in-

Similar presentations

Ads by Google