Jump to content


Photo
- - - - -

Buffer Overflow


  • Please log in to reply
5 replies to this topic

#1 AjexMe

AjexMe

    SCRiPT KiDDie

  • Members
  • 26 posts

Posted 29 November 2007 - 03:42 PM

This is my test file and the parameter i had used.
http://localhost/tut....id=40000000000

it throws an error like:

Microsoft VBScript runtime  error '800a0006'

Overflow: 'cint'

/pen/test09.asp, line 13

is there any way to exploit this type of buffer overflows ?

Edited by AjexMe, 29 November 2007 - 03:43 PM.


#2 Ohm

Ohm

    I could have written a book with all of these posts

  • Members
  • 3,209 posts
  • Gender:Male
  • Location:Maine, USA

Posted 29 November 2007 - 04:18 PM

That doesn't look like a buffer overflow, but rather an integer overflow (something very different). Without more code or information, it's not possible to say much more.

#3 AjexMe

AjexMe

    SCRiPT KiDDie

  • Members
  • 26 posts

Posted 29 November 2007 - 04:31 PM

great man !!!

i was totally mistaken.

thanx

#4 The_STDstroyer

The_STDstroyer

    SUPR3M3 31337 Mack Daddy P1MP

  • Members
  • 422 posts
  • Location:Massachusetts

Posted 01 December 2007 - 11:15 AM

This is my test file and the parameter i had used.
<a href="http://localhost/tutorials/pen/test09.asp?.id=40000000000" target="_blank">http://localhost/tutorials/pen/test09.asp?.id=40000000000</a>

it throws an error like:

Microsoft VBScript runtime  error '800a0006'

Overflow: 'cint'

/pen/test09.asp, line 13

is there any way to exploit this type of buffer overflows ?

yeah you can kinda see.
cINT
int=integer

#5 n3xg3n

n3xg3n

    "I Hack, therefore, I am"

  • Members
  • 960 posts
  • Country:
  • Gender:Male
  • Location:(703)

Posted 01 December 2007 - 12:06 PM

To explain what an integer overflow is, you have to have a basic concept of the way many programming languages are. When you declare a variable (something that you can temporarily store information in; read from, write to, within the program's memory) you typically (from now on I'll assume your working with a language like this since most -- if not all -- act like this) need to give it a type (Integer, Long, String, Boolean, Byte, Etc...) so that the program's memory knows what kind of information your going to be storing there (In this case Integers). Integer's are interesting because many languages handle them differently, The size tends to vary from language to language, for instance the range of a basic (signed) integer in C is -2,147,483,648 to 2,147,483,647, where as the range of an integer in Visual Basic 6 is only -32,768 to 32,767. But what happens if you go over the limit of what an integer is defined as? Some high-level languages (such as Python) will correct the problem for you, but other languages will crash the program when they accept information that causes an integer overflow, unless the enterprising young programmer thought ahead and researched his language to find the restrictions then built in checks before arbitrarily accepting user-provided information.

In other words, an integer overflow occurs when a number is put into an integer variable which to too large for that languages definition of 'integer'.

(Gawd I am bored ;) But 700th post :D )

#6 Dejected Deity

Dejected Deity

    elite

  • Members
  • 112 posts

Posted 01 December 2007 - 12:29 PM

This is my test file and the parameter i had used.
<a href="http://localhost/tutorials/pen/test09.asp?.id=40000000000" target="_blank">http://localhost/tutorials/pen/test09.asp?.id=40000000000</a>

it throws an error like:

Microsoft VBScript runtime  error '800a0006'

Overflow: 'cint'

/pen/test09.asp, line 13

is there any way to exploit this type of buffer overflows ?


Try adding code to the end of your input or something. See if anything registers as actual code/gives a different error. (It's always good to add a comment, just to see if it actually comments out an important piece of code)




BinRev is hosted by the great people at Lunarpages!