SlideShare a Scribd company logo

Buffer overflow

Download as PPTX, PDF
A
Abu Juha Ahmed Muid

A buffer, or data buffer, is an area of physical memory storage used to temporarily store data while it is being moved from one place to another. These buffers typically live in RAM memory. A buffer, or data buffer, is an area of physical memory storage used to temporarily store data while it is being moved from one place to another. These buffers typically live in RAM memory.

Education
1 of 20
BUFFER OVERFLOW Course Code: MISS1201 Course Name: Intrusion Management and Ethical Hacking Abu Juha Ahmed Muid Roll: 2054911004 MISS-2020 Bangladesh University of Professionals
content  What’s a buffer?  What is buffer overflow?  Use of the Stack  Who is vulnerable to buffer overflow attacks?  How do attackers exploit buffer overflows?  What are the different types of buffer overflow attacks?  Buffer Overflow Example
 The size and complexity of software systems is growing, increasing the number of bugs. Many of these bugs constitute security vulnerabilities. Most common of these bugs is the buffer overflow vulnerability
What’s a buffer?  A buffer, or data buffer, is an area of physical memory storage used to temporarily store data while it is being moved from one place to another. These buffers typically live in RAM memory. Computers frequently use buffers to help improve performance; most modern hard drives take advantage of buffering to efficiently access data, and many online services also use buffers. For example, buffers are frequently used in online video streaming to prevent interruption. When a video is streamed, the video player downloads and stores perhaps 20% of the video at a time in a buffer and then streams from that buffer. This way, minor drops in connection speed or quick service disruptions won’t affect the video stream performance.  Buffers are designed to contain specific amounts of data. Unless the program utilizing the buffer has built-in instructions to discard data when too much is sent to the buffer, the program will overwrite data in memory adjacent to the buffer.
What is buffer overflow?  Buffer overflow is an anomaly that occurs when software writing data to a buffer overflows the buffer’s capacity, resulting in adjacent memory locations being overwritten. In other words, too much information is being passed into a container that does not have enough space, and that information ends up replacing data in adjacent containers.  Buffer overflows can be exploited by attackers with a goal of modifying a computer’s memory in order to undermine or take control of program execution. M I S S S T U D E N T
Use of the Stack  The stack is a region in a program's memory space that is only accessible from the top. There are two operations, push and pop, to a stack. A push stores a new data item on top of the stack, a pop removes the top item. Every process has its own memory space (at least in a decent OS), among them a stack region and a heap region. The stack is used heavily to store local variables and the return address of a function.
Use of the Stack  The stack is a region in a program's memory space that is only accessible from the top. There are two operations, push and pop, to a stack. A push stores a new data item on top of the stack, a pop removes the top item. Every process has its own memory space (at least in a decent OS), among them a stack region and a heap region. The stack is used heavily to store local variables and the return address of a function. A B C D D C B A Push Pop
Use of the Stack
Memory layout for a process.
Who is vulnerable to buffer overflow attacks?  Certain coding languages are more susceptible to buffer overflow than others. C and C++ are two popular languages with high vulnerability, since they contain no built-in protections against accessing or overwriting data in their memory. Windows, Mac OSX, and Linux all contain code written in one or both of these languages.  More modern languages like Java, PERL, and C# have built-in features that help reduce the chances of buffer overflow, but cannot prevent it altogether.
How do attackers exploit buffer overflows?  An attacker can deliberately feed a carefully crafted input into a program that will cause the program to try and store that input in a buffer that isn’t large enough, overwriting portions of memory connected to the buffer space. If the memory layout of the program is well-defined, the attacker can deliberately overwrite areas known to contain executable code. The attacker can then replace this code with his own executable code, which can drastically change how the program is intended to work.  For example if the overwritten part in memory contains a pointer (an object that points to another place in memory) the attacker’s code could replace that code with another pointer that points to an exploit payload. This can transfer control of the whole program over to the attacker’s code.
What are the different types of buffer overflow attacks?  There are a number of different buffer overflow attacks which employ different strategies and target different pieces of code.  Stack overflow attack - This is the most common type of buffer overflow attack and involves overflowing a buffer on the call stack.  Heap overflow attack - This type of attack targets data in the open memory pool known as the heap.  Integer overflow attack - In an integer overflow, an arithmetic operation results in an integer (whole number) that is too large for the integer type meant to store it; this can result in a buffer overflow.  Unicode overflow - A unicode overflow creates a buffer overflow by inserting unicode characters into an input that expect ASCII characters.
How to protect against buffer overflow attacks  Luckily, modern operating systems have runtime protections which help mitigate buffer overflow attacks. Let’s explore 2 common protections that help mitigate the risk of exploitation:  Address space randomization - Randomly rearranges the address space locations of key data areas of a process. Buffer overflow attacks generally rely on knowing the exact location of important executable code, randomization of address spaces makes that nearly impossible.  Data execution prevention - Marks certain areas of memory either executable or non-executable, preventing an exploit from running code found in a non-executable area.  Software developers can also take precautions against buffer overflow vulnerabilities by writing in languages that have built-in protections or using special security procedures in their code.
Buffer Overflow Example  Function: the calling function written by the developer  Parameters: the parameters needed by the function  Return: it tells the program what to do after it has executed the function  Basepointer: marks the start of a function stack frame  Buffer: the allocated space for data  As you can see in the image above, memory is made of different parts. Between the stack and the heap, there is a buffer area, which allows both to grow during run time.  If we look at a stack in detail, we can see different sections:
Buffer Overflow Example  In this example, we have a program that allocated 20 bits of buffer. If we inject more than that amount, say 30 bits, the data will overflow.  Because of the nature of the memory, the data will overflow upwards towards the function. Once it gets to the return section, that is where the problems start.  If an attacker injects data in the return that points to the address of malicious code, the program will run it, causing severe consequences.
 Shellcodes are typically injected into computer memory by exploiting stack or heap-based buffer overflows vulnerabilities, or format string attacks.
 GCC, the GNU Compiler Collection  https://gcc.gnu.org/  apt-get install gcc in linux  GDB: The GNU Project Debugger  https://www.gnu.org/software/gdb/  apt-get install gdb
History

Recommended

Buffer overflow attacks
Buffer overflow attacksBuffer overflow attacks
Buffer overflow attacksJoe McCarthy
 
Exception Handling in Java
Exception Handling in JavaException Handling in Java
Exception Handling in Javalalithambiga kamaraj
 
6 buffer overflows
6 buffer overflows6 buffer overflows
6 buffer overflowsdrewz lin
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesDr.Florence Dayana
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
 
Malicious software
Malicious softwareMalicious software
Malicious softwareDr.Florence Dayana
 
Demand paging
Demand pagingDemand paging
Demand pagingTrinity Dwarka
 
Multiprocessor
MultiprocessorMultiprocessor
MultiprocessorNeel Patel
 

Recommended

Buffer overflow attacks
Buffer overflow attacksBuffer overflow attacks
Buffer overflow attacksJoe McCarthy
 
Exception Handling in Java
Exception Handling in JavaException Handling in Java
Exception Handling in Javalalithambiga kamaraj
 
6 buffer overflows
6 buffer overflows6 buffer overflows
6 buffer overflowsdrewz lin
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesDr.Florence Dayana
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
 
Malicious software
Malicious softwareMalicious software
Malicious softwareDr.Florence Dayana
 
Demand paging
Demand pagingDemand paging
Demand pagingTrinity Dwarka
 
Multiprocessor
MultiprocessorMultiprocessor
MultiprocessorNeel Patel
 
Buffer overflow
Buffer overflowBuffer overflow
Buffer overflowقصي نسور
 
Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit ivArthyR3
 
Security & protection in operating system
Security & protection in operating systemSecurity & protection in operating system
Security & protection in operating systemAbou Bakr Ashraf
 
Chapter 2 program-security
Chapter 2 program-securityChapter 2 program-security
Chapter 2 program-securityVamsee Krishna Kiran
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Thrashing allocation frames.43
Thrashing allocation frames.43Thrashing allocation frames.43
Thrashing allocation frames.43myrajendra
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniquesMohd Arif
 
Parallel processing
Parallel processingParallel processing
Parallel processingSyed Zaid Irshad
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithmsRashmi Burugupalli
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
Unix.system.calls
Unix.system.callsUnix.system.calls
Unix.system.callsGRajendra
 
Ch03 Network and Computer Attacks
Ch03 Network and Computer AttacksCh03 Network and Computer Attacks
Ch03 Network and Computer Attacksphanleson
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)Haris Ahmed
 
Memory management
Memory managementMemory management
Memory managementRajni Sirohi
 
Memory Management in OS
Memory Management in OSMemory Management in OS
Memory Management in OSvampugani
 
Bus interconnection
Bus interconnectionBus interconnection
Bus interconnectionMuhammad Ishaq
 
Web security
Web securityWeb security
Web securitySubhash Basistha
 
Symmetric encryption
Symmetric encryptionSymmetric encryption
Symmetric encryptionDR RICHMOND ADEBIAYE
 
Paging and Segmentation in Operating System
Paging and Segmentation in Operating SystemPaging and Segmentation in Operating System
Paging and Segmentation in Operating SystemRaj Mohan
 
Shared memory
Shared memoryShared memory
Shared memoryAbhishek Khune
 
Ids 008 buffer overflow
Ids 008 buffer overflowIds 008 buffer overflow
Ids 008 buffer overflowjyoti_lakhani
 
Golf teamlearnerlecture
Golf teamlearnerlectureGolf teamlearnerlecture
Golf teamlearnerlecturekairistiona
 

More Related Content

What's hot

Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit ivArthyR3
 
Security & protection in operating system
Security & protection in operating systemSecurity & protection in operating system
Security & protection in operating systemAbou Bakr Ashraf
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Thrashing allocation frames.43
Thrashing allocation frames.43Thrashing allocation frames.43
Thrashing allocation frames.43myrajendra
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniquesMohd Arif
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithmsRashmi Burugupalli
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
Unix.system.calls
Unix.system.callsUnix.system.calls
Unix.system.callsGRajendra
 
Ch03 Network and Computer Attacks
Ch03 Network and Computer AttacksCh03 Network and Computer Attacks
Ch03 Network and Computer Attacksphanleson
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)Haris Ahmed
 
Memory Management in OS
Memory Management in OSMemory Management in OS
Memory Management in OSvampugani
 
Paging and Segmentation in Operating System
Paging and Segmentation in Operating SystemPaging and Segmentation in Operating System
Paging and Segmentation in Operating SystemRaj Mohan
 

What's hot (20)

Buffer overflow
Buffer overflowBuffer overflow
Buffer overflow
 
Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit iv
 
Security & protection in operating system
Security & protection in operating systemSecurity & protection in operating system
Security & protection in operating system
 
Chapter 2 program-security
Chapter 2 program-securityChapter 2 program-security
Chapter 2 program-security
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
 
Thrashing allocation frames.43
Thrashing allocation frames.43Thrashing allocation frames.43
Thrashing allocation frames.43
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniques
 
Parallel processing
Parallel processingParallel processing
Parallel processing
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithms
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
 
Unix.system.calls
Unix.system.callsUnix.system.calls
Unix.system.calls
 
Ch03 Network and Computer Attacks
Ch03 Network and Computer AttacksCh03 Network and Computer Attacks
Ch03 Network and Computer Attacks
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)
 
Memory management
Memory managementMemory management
Memory management
 
Memory Management in OS
Memory Management in OSMemory Management in OS
Memory Management in OS
 
Bus interconnection
Bus interconnectionBus interconnection
Bus interconnection
 
Web security
Web securityWeb security
Web security
 
Symmetric encryption
Symmetric encryptionSymmetric encryption
Symmetric encryption
 
Paging and Segmentation in Operating System
Paging and Segmentation in Operating SystemPaging and Segmentation in Operating System
Paging and Segmentation in Operating System
 
Shared memory
Shared memoryShared memory
Shared memory
 

Similar to Buffer overflow

Ids 008 buffer overflow
Ids 008 buffer overflowIds 008 buffer overflow
Ids 008 buffer overflowjyoti_lakhani
 
Golf teamlearnerlecture
Golf teamlearnerlectureGolf teamlearnerlecture
Golf teamlearnerlecturekairistiona
 
What
WhatWhat
Whatanity
 
Buffer overflow attacks
Buffer overflow attacksBuffer overflow attacks
Buffer overflow attacksSandun Perera
 
Buffer overflow attacks
Buffer overflow attacksBuffer overflow attacks
Buffer overflow attacksSandun Perera
 
IRJET - Buffer Overflows Attacks & Defense
IRJET - Buffer Overflows Attacks & DefenseIRJET - Buffer Overflows Attacks & Defense
IRJET - Buffer Overflows Attacks & DefenseIRJET Journal
 
Software Reverse Engineering in a Security Context
Software Reverse Engineering in a Security ContextSoftware Reverse Engineering in a Security Context
Software Reverse Engineering in a Security ContextLokendra Rawat
 
Ceh v5 module 20 buffer overflow
Ceh v5 module 20 buffer overflowCeh v5 module 20 buffer overflow
Ceh v5 module 20 buffer overflowVi Tính Hoàng Nam
 
Buffer overflow explained
Buffer overflow explainedBuffer overflow explained
Buffer overflow explainedTeja Babu
 
Module 20 (buffer overflows)
Module 20 (buffer overflows)Module 20 (buffer overflows)
Module 20 (buffer overflows)Wail Hassan
 
1Buttercup On Network-based Detection of Polymorphic B.docx
1Buttercup On Network-based Detection of Polymorphic B.docx 1Buttercup On Network-based Detection of Polymorphic B.docx
1Buttercup On Network-based Detection of Polymorphic B.docxaryan532920
 
please answer these questions number by numberSolution1) An.pdf
please answer these questions number by numberSolution1) An.pdfplease answer these questions number by numberSolution1) An.pdf
please answer these questions number by numberSolution1) An.pdfarishaenterprises12
 
Possibility of arbitrary code execution by Step-Oriented Programming by Hiroa...
Possibility of arbitrary code execution by Step-Oriented Programming by Hiroa...Possibility of arbitrary code execution by Step-Oriented Programming by Hiroa...
Possibility of arbitrary code execution by Step-Oriented Programming by Hiroa...CODE BLUE
 
Possibility of arbitrary code execution by Step-Oriented Programming
Possibility of arbitrary code execution by Step-Oriented ProgrammingPossibility of arbitrary code execution by Step-Oriented Programming
Possibility of arbitrary code execution by Step-Oriented Programmingkozossakai
 
Introduction to system programming
Introduction to system programmingIntroduction to system programming
Introduction to system programmingsonalikharade3
 
Reverse engineering – debugging fundamentals
Reverse engineering – debugging fundamentalsReverse engineering – debugging fundamentals
Reverse engineering – debugging fundamentalsEran Goldstein
 
An automated approach to fix buffer overflows
An automated approach to fix buffer overflows An automated approach to fix buffer overflows
An automated approach to fix buffer overflows IJECEIAES
 
Program security
Program securityProgram security
Program securityG Prachi
 

Similar to Buffer overflow (20)

Ids 008 buffer overflow
Ids 008 buffer overflowIds 008 buffer overflow
Ids 008 buffer overflow
 
Golf teamlearnerlecture
Golf teamlearnerlectureGolf teamlearnerlecture
Golf teamlearnerlecture
 
What
WhatWhat
What
 
Buffer overflow attacks
Buffer overflow attacksBuffer overflow attacks
Buffer overflow attacks
 
Buffer overflow attacks
Buffer overflow attacksBuffer overflow attacks
Buffer overflow attacks
 
IRJET - Buffer Overflows Attacks & Defense
IRJET - Buffer Overflows Attacks & DefenseIRJET - Buffer Overflows Attacks & Defense
IRJET - Buffer Overflows Attacks & Defense
 
Software Reverse Engineering in a Security Context
Software Reverse Engineering in a Security ContextSoftware Reverse Engineering in a Security Context
Software Reverse Engineering in a Security Context
 
Ceh v5 module 20 buffer overflow
Ceh v5 module 20 buffer overflowCeh v5 module 20 buffer overflow
Ceh v5 module 20 buffer overflow
 
Buffer overflow explained
Buffer overflow explainedBuffer overflow explained
Buffer overflow explained
 
Module 20 (buffer overflows)
Module 20 (buffer overflows)Module 20 (buffer overflows)
Module 20 (buffer overflows)
 
1Buttercup On Network-based Detection of Polymorphic B.docx
1Buttercup On Network-based Detection of Polymorphic B.docx 1Buttercup On Network-based Detection of Polymorphic B.docx
1Buttercup On Network-based Detection of Polymorphic B.docx
 
please answer these questions number by numberSolution1) An.pdf
please answer these questions number by numberSolution1) An.pdfplease answer these questions number by numberSolution1) An.pdf
please answer these questions number by numberSolution1) An.pdf
 
Possibility of arbitrary code execution by Step-Oriented Programming by Hiroa...
Possibility of arbitrary code execution by Step-Oriented Programming by Hiroa...Possibility of arbitrary code execution by Step-Oriented Programming by Hiroa...
Possibility of arbitrary code execution by Step-Oriented Programming by Hiroa...
 
Possibility of arbitrary code execution by Step-Oriented Programming
Possibility of arbitrary code execution by Step-Oriented ProgrammingPossibility of arbitrary code execution by Step-Oriented Programming
Possibility of arbitrary code execution by Step-Oriented Programming
 
Introduction to system programming
Introduction to system programmingIntroduction to system programming
Introduction to system programming
 
Reverse engineering – debugging fundamentals
Reverse engineering – debugging fundamentalsReverse engineering – debugging fundamentals
Reverse engineering – debugging fundamentals
 
nullcon 2011 - Fuzzing with Complexities
nullcon 2011 - Fuzzing with Complexitiesnullcon 2011 - Fuzzing with Complexities
nullcon 2011 - Fuzzing with Complexities
 
An automated approach to fix buffer overflows
An automated approach to fix buffer overflows An automated approach to fix buffer overflows
An automated approach to fix buffer overflows
 
Rust Hack
Rust HackRust Hack
Rust Hack
 
Program security
Program securityProgram security
Program security
 

Recently uploaded

Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatYousafMalik24
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxEyham Joco
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceSamikshaHamane
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxCELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxJiesonDelaCerna
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersSabitha Banu
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfUjwalaBharambe
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...jaredbarbolino94
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxDr.Ibrahim Hassaan
 

Recently uploaded (20)

Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice great
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptx
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in Pharmacovigilance
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxCELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptx
 
ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginners
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptx
 

Buffer overflow

  • 1. BUFFER OVERFLOW Course Code: MISS1201 Course Name: Intrusion Management and Ethical Hacking Abu Juha Ahmed Muid Roll: 2054911004 MISS-2020 Bangladesh University of Professionals
  • 2. content  What’s a buffer?  What is buffer overflow?  Use of the Stack  Who is vulnerable to buffer overflow attacks?  How do attackers exploit buffer overflows?  What are the different types of buffer overflow attacks?  Buffer Overflow Example
  • 3.  The size and complexity of software systems is growing, increasing the number of bugs. Many of these bugs constitute security vulnerabilities. Most common of these bugs is the buffer overflow vulnerability
  • 4. What’s a buffer?  A buffer, or data buffer, is an area of physical memory storage used to temporarily store data while it is being moved from one place to another. These buffers typically live in RAM memory. Computers frequently use buffers to help improve performance; most modern hard drives take advantage of buffering to efficiently access data, and many online services also use buffers. For example, buffers are frequently used in online video streaming to prevent interruption. When a video is streamed, the video player downloads and stores perhaps 20% of the video at a time in a buffer and then streams from that buffer. This way, minor drops in connection speed or quick service disruptions won’t affect the video stream performance.  Buffers are designed to contain specific amounts of data. Unless the program utilizing the buffer has built-in instructions to discard data when too much is sent to the buffer, the program will overwrite data in memory adjacent to the buffer.
  • 5. What is buffer overflow?  Buffer overflow is an anomaly that occurs when software writing data to a buffer overflows the buffer’s capacity, resulting in adjacent memory locations being overwritten. In other words, too much information is being passed into a container that does not have enough space, and that information ends up replacing data in adjacent containers.  Buffer overflows can be exploited by attackers with a goal of modifying a computer’s memory in order to undermine or take control of program execution. M I S S S T U D E N T
  • 6. Use of the Stack  The stack is a region in a program's memory space that is only accessible from the top. There are two operations, push and pop, to a stack. A push stores a new data item on top of the stack, a pop removes the top item. Every process has its own memory space (at least in a decent OS), among them a stack region and a heap region. The stack is used heavily to store local variables and the return address of a function.
  • 7. Use of the Stack  The stack is a region in a program's memory space that is only accessible from the top. There are two operations, push and pop, to a stack. A push stores a new data item on top of the stack, a pop removes the top item. Every process has its own memory space (at least in a decent OS), among them a stack region and a heap region. The stack is used heavily to store local variables and the return address of a function. A B C D D C B A Push Pop
  • 8. Use of the Stack
  • 9. Memory layout for a process.
  • 10. Who is vulnerable to buffer overflow attacks?  Certain coding languages are more susceptible to buffer overflow than others. C and C++ are two popular languages with high vulnerability, since they contain no built-in protections against accessing or overwriting data in their memory. Windows, Mac OSX, and Linux all contain code written in one or both of these languages.  More modern languages like Java, PERL, and C# have built-in features that help reduce the chances of buffer overflow, but cannot prevent it altogether.
  • 11. How do attackers exploit buffer overflows?  An attacker can deliberately feed a carefully crafted input into a program that will cause the program to try and store that input in a buffer that isn’t large enough, overwriting portions of memory connected to the buffer space. If the memory layout of the program is well-defined, the attacker can deliberately overwrite areas known to contain executable code. The attacker can then replace this code with his own executable code, which can drastically change how the program is intended to work.  For example if the overwritten part in memory contains a pointer (an object that points to another place in memory) the attacker’s code could replace that code with another pointer that points to an exploit payload. This can transfer control of the whole program over to the attacker’s code.
  • 12. What are the different types of buffer overflow attacks?  There are a number of different buffer overflow attacks which employ different strategies and target different pieces of code.  Stack overflow attack - This is the most common type of buffer overflow attack and involves overflowing a buffer on the call stack.  Heap overflow attack - This type of attack targets data in the open memory pool known as the heap.  Integer overflow attack - In an integer overflow, an arithmetic operation results in an integer (whole number) that is too large for the integer type meant to store it; this can result in a buffer overflow.  Unicode overflow - A unicode overflow creates a buffer overflow by inserting unicode characters into an input that expect ASCII characters.
  • 13. How to protect against buffer overflow attacks  Luckily, modern operating systems have runtime protections which help mitigate buffer overflow attacks. Let’s explore 2 common protections that help mitigate the risk of exploitation:  Address space randomization - Randomly rearranges the address space locations of key data areas of a process. Buffer overflow attacks generally rely on knowing the exact location of important executable code, randomization of address spaces makes that nearly impossible.  Data execution prevention - Marks certain areas of memory either executable or non-executable, preventing an exploit from running code found in a non-executable area.  Software developers can also take precautions against buffer overflow vulnerabilities by writing in languages that have built-in protections or using special security procedures in their code.
  • 14. Buffer Overflow Example  Function: the calling function written by the developer  Parameters: the parameters needed by the function  Return: it tells the program what to do after it has executed the function  Basepointer: marks the start of a function stack frame  Buffer: the allocated space for data  As you can see in the image above, memory is made of different parts. Between the stack and the heap, there is a buffer area, which allows both to grow during run time.  If we look at a stack in detail, we can see different sections:
  • 15. Buffer Overflow Example  In this example, we have a program that allocated 20 bits of buffer. If we inject more than that amount, say 30 bits, the data will overflow.  Because of the nature of the memory, the data will overflow upwards towards the function. Once it gets to the return section, that is where the problems start.  If an attacker injects data in the return that points to the address of malicious code, the program will run it, causing severe consequences.
  • 16.  Shellcodes are typically injected into computer memory by exploiting stack or heap-based buffer overflows vulnerabilities, or format string attacks.
  • 17.  GCC, the GNU Compiler Collection  https://gcc.gnu.org/  apt-get install gcc in linux  GDB: The GNU Project Debugger  https://www.gnu.org/software/gdb/  apt-get install gdb
  • 18.
  • 19.