Exploit Research and Development Megaprimer: Buffer overflow for beginners

1,157 views

Published on

Exploit Research and Development Megaprimer
http://opensecurity.in/exploit-research-and-development-megaprimer/

http://www.youtube.com/playlist?list=PLX3EwmWe0cS_5oy86fnqFRfHpxJHjtuyf

Published in: Education, Technology
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,157
On SlideShare
0
From Embeds
0
Number of Embeds
85
Actions
Shares
0
Downloads
42
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

Exploit Research and Development Megaprimer: Buffer overflow for beginners

  1. 1. Buffer Overflow for Beginners Ajin Abraham www.keralacyberforce.in
  2. 2. Buffer: it is a block of memory What is Buffer Overflow? Buffer overflow is caused when too much data is inserted into a buffer than it can handle. So this may lead to the executing of arbitrary code if a certain memory pointer is overwritten.
  3. 3. Buffer Overflow for Beginner Command Name 152903854 128 + 6 bytes 152903720 10 + 6 bytes 152903704
  4. 4. Buffer Overflow for Beginner Command {with system() function execute the contents of the variable command} system(command); Name {Read to Name Variable and Print the contents of name variable} gets(name); printf(“Hello %sn”,name);
  5. 5. Buffer Overflow for Beginner When you give an input, say www.keralacyberforce.in What happens?
  6. 6. Buffer Overflow for Beginner commandorce.in (10)namewww.kerala (6)malloccyberf 152903832 128 + 6 bytes 10 + 6 bytes 152903704 It will be assigned to the memory like this.
  7. 7. Buffer Overflow for Beginner This buffer overflow is caused because the gets() function doesn't limit’s the length of the input
  8. 8. Buffer Overflow for Beginner To overrule this buffer overflow you can use fgets(name, 10, stdin); where it will read a maximum of 10 characters from the input.

×