Dr. Z2A

Buffer Overflow exploits

16 posts in this topic

I was just wondering if anyone could explain to me how buffer overflow exploits work and how to execute them. I don't plan to use this for any illegal purposes, just for curiosity and on rootthisbox.org. Any help would be appreciated.

PSSSSSSSSSSHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH, well, at least this is NUBIE HQ

OK, well, you have "local" and "remote" buffer overflows, but basically it's when a buffer that looks like this

 char array[150];
<<<<< C

^ means there's a buffer that accepts 150 chars (a char is one byte), and if you give it more, well, it gets overflowed.

You find these vulnerabilities using a memory searcher (not always) or a debugger... if we don't have the source code, of course. Then you write a script to exploit it; lots of the time shellcode can be injected into adjacent memory spaces so you can do something besides crashing the program and/or computer.

BUT REALLY DUDE, go read a paper on arrays, buffers, and overflows.

BTW, if you want to find your own, I recommend becoming a 1337 coder first...

K.H.O.

Edited by K.H.O.

Isn't there a way in c and other programming languages to prevent buffer overflows? :unsure:

Edited by fileit
Isn't there a way in c and other programming languages to prevent buffer overflows? :unsure:

Yeah, don't do things like strcpy, even though that's more of a format string thing; keep your memory tidy.

You know, Java, though, is invulnerable to buffer overflows because of the type of language it is; C/C++ is not.

K.H.O.

Isn't there a way in c and other programming languages to prevent buffer overflows? :unsure:

Yeah, don't do things like strcpy, even though that's more of a format string thing; keep your memory tidy.

You know, Java, though, is invulnerable to buffer overflows because of the type of language it is; C/C++ is not.

K.H.O.

No, it's because Java uses a sandbox for everything. "Type of language" makes no sense, because OOP is vulnerable to overflows. Please research.


I didn't mean "type of language" as OOP; I MEANT how the language did stuff.


WTF, U HACKERS!!!!!!!!!

HARDLY ANYONE posted about how they work, or added anything, except that I gave a simple example.

WTF


And the example you gave was wrong. Basic buffer overflow info can be googled, so there's really no reason to recreate the wheel in a message board post.

WTF, U HACKERS!!!!!!!!!

HARDLY ANYONE posted about how they work, or added anything, except that I gave a simple example.

WTF

Besides, have you any idea how complex the topic can be? At most you could provide a summary; but what good would that possibly be for practical uses?

However, I do agree that we need more discussion of actual hacking on this site. I look through the forums and see topics about computers and news, but hardly anything security-related is to be found.

WTF, U HACKERS!!!!!!!!!

HARDLY ANYONE posted about how they work, or added anything, except that I gave a simple example.

WTF

Besides, have you any idea how complex the topic can be? At most you could provide a summary; but what good would that possibly be for practical uses?

However, I do agree that we need more discussion of actual hacking on this site. I look through the forums and see topics about computers and news, but hardly anything security-related is to be found.

Breaking into computers is not all that hacking is about. Computer Security only covers a narrow range of topics, while hacking covers a much broader one. Hacking is a mindset that can be applied to everything. But I do think that many posts in General Hacking should be moved to Off Topic, or maybe a General Computing section should be created for these posts.

Now for the question at hand (I am an UBER N00B at this topic, but here goes):

As said before, a buffer overflow happens when a number of primitives are placed in a buffer too small to hold them, and the excess primitives overwrite the following memory segments and overwrite the return address of the buffer. Usually it will just cause the buffer to return to some random address and cause a segfault. However, the exploit rewrites the return address to make it point to a place where some arbitrary code can be executed to, say, spawn a shell. If the program has root privileges, then it could be used to do anything, like spawn a shell with root privileges, execute 'rm -rf /', etc.

Edited by Elzair
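Added example (not posted by anyone in this thread): a C program that models the situation K.H.O. sketches earlier (a 150-byte array with an unchecked copy into it) together with the step Elzair describes above (the excess bytes landing on the value stored right after the buffer and replacing it). The buffer and the 4-byte slot next to it are laid out in one flat byte array so the program stays well-defined C instead of corrupting a real stack frame; the 0xDEADBEEF marker, the 0x0BADF00D "attacker-chosen" value, the payload builder and all function names are constructed for the demo. The hardened variant sits beside the vulnerable one so the missing length check is visible.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_LEN   150                       /* the array[150] from the post */
#define FRAME_LEN (BUF_LEN + sizeof(uint32_t))
#define SAVED     0xDEADBEEFu               /* constructed marker standing in
                                               for the saved return address */

/* Vulnerable copy: writes len bytes into the buffer at the start of a
 * simulated frame without ever comparing len against BUF_LEN. The 4 bytes
 * right after the buffer hold the marker; anything past BUF_LEN lands on
 * them. Returns whatever ends up in that adjacent slot. */
uint32_t vulnerable_copy(const unsigned char *input, size_t len)
{
    unsigned char frame[FRAME_LEN];
    uint32_t saved = SAVED;

    memset(frame, 0, sizeof frame);
    memcpy(frame + BUF_LEN, &saved, sizeof saved);   /* adjacent memory */
    if (len > sizeof frame)                          /* only so the demo itself */
        len = sizeof frame;                          /* stays inside the array */
    memcpy(frame, input, len);                       /* BUG: never checks BUF_LEN */

    memcpy(&saved, frame + BUF_LEN, sizeof saved);
    return saved;
}

/* Hardened copy: refuse input that does not fit with room for the NUL.
 * Rejecting beats silent truncation, which would hide the attempt. */
int safe_copy(char *dst, size_t dst_len, const unsigned char *src, size_t src_len)
{
    if (dst_len == 0 || src_len >= dst_len)
        return -1;
    memcpy(dst, src, src_len);
    dst[src_len] = '\0';
    return 0;
}

/* Same frame layout, but the copy goes through safe_copy. */
uint32_t hardened_copy(const unsigned char *input, size_t len)
{
    unsigned char frame[FRAME_LEN];
    uint32_t saved = SAVED;

    memset(frame, 0, sizeof frame);
    memcpy(frame + BUF_LEN, &saved, sizeof saved);
    if (safe_copy((char *)frame, BUF_LEN, input, len) != 0)
        return saved;                                /* rejected, nothing written */
    memcpy(&saved, frame + BUF_LEN, sizeof saved);
    return saved;
}

/* Attacker input: `fill` bytes of 'A' then a 4-byte value in native byte
 * order. With fill == BUF_LEN the value lands exactly on the saved slot;
 * with fill larger, the slot is filled with 'A' (0x41414141), the classic
 * "return to garbage and segfault" outcome. Returns the payload length. */
size_t build_payload(unsigned char *out, size_t out_len, size_t fill, uint32_t value)
{
    if (fill + sizeof value > out_len)
        return 0;
    memset(out, 'A', fill);
    memcpy(out + fill, &value, sizeof value);
    return fill + sizeof value;
}

/* Run one scenario end to end; hardened != 0 selects the fixed copy. */
uint32_t demo(size_t fill, uint32_t value, int hardened)
{
    unsigned char payload[256];
    size_t n = build_payload(payload, sizeof payload, fill, value);
    if (n == 0)
        return 0;
    return hardened ? hardened_copy(payload, n) : vulnerable_copy(payload, n);
}

int main(void)
{
    printf("149 bytes, vulnerable: 0x%08x\n", (unsigned)demo(145, 0x0BADF00Du, 0));
    printf("154 bytes, vulnerable: 0x%08x\n", (unsigned)demo(BUF_LEN, 0x0BADF00Du, 0));
    printf("204 bytes, vulnerable: 0x%08x\n", (unsigned)demo(200, 0, 0));
    printf("154 bytes, hardened:   0x%08x\n", (unsigned)demo(BUF_LEN, 0x0BADF00Du, 1));
    return 0;
}
```

Two caveats worth keeping in mind when reading it against the posts. First, a `char array[150]` used as a C string holds only 149 characters plus the terminating NUL, so "150 chars" already overflows by one byte; that is why `safe_copy` rejects at `src_len >= dst_len`. Second, on a real stack the adjacent slot is the saved return address (or a stack canary on a modern toolchain), and ASLR and non-executable stacks make the "point it at shellcode" step considerably harder than the flat-array model suggests; the model shows only the overwrite itself.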
