PPT-Lecture 16 Buffer Overflow

modified from slides of Lawrie Brown Buffer Overflow a very common attack mechanism first wide use by the Morris Worm in 1988 prevention techniques known still of major concern legacy of buggy code in widely deployed operating systems and applications. . Attacker’s goal. :. Take over target machine (e.g. web server). Execute arbitrary code on target by . hijacking application control flow. This lecture: three examples.. Buffer overflow attacks. 16. Buffer Overflow. modified from slides of . Lawrie. Brown. Buffer Overflow. a very common attack mechanism. first wide use by the Morris Worm in 1988. prevention techniques known. still of major concern. Chapter. 15 : . Attacking. . Compiled. Applications. Alexis Kirat - International Student. Native . execution. . environment. Vs. . Compiled. . execution. . environment. The majority of web applications are now written using languages and platforms that run in a managed execution environment in which classic vulnerabilities . 15-213: Introduction to Computer Systems. Recitation 6, Oct 1, 2012. Alexander Malyshev (amalyshe). Section A, 10:30a – 11:20p, WeH 4623. Agenda. Buffer overflow. Writing a C program. Makefiles. Revision Control. Gabe Kanzelmeyer. CS 450. 4/14/10. Overview. What is buffer overflow?. How memory is processed and the stack. The threat. Stack overrun attack. Dangers. Prevention. What is buffer overflow?. A buffer (array/string) that holds data. overflow. Cecilia Menéndez González. Erick Giovanni Sánchez Madero. Miguel Ángel González Alarcón. Una de las mayores vulnerabilidades de seguridad que tienen los actuales . sistemas . operativos y programas es ser sensibles a un desbordamiento de buffer, o como mejor se les conoce: Buffer . What is an Exploit?. An . exploit. . is any . input. (i.e., a piece of software, an argument string, or sequence of commands) that takes advantage of a bug, glitch or vulnerability in order to cause an attack. Stack frame layout. #include <. string.h. >. void foo (char *bar). {. . char c[12];. . . strcpy. (c, bar); //no bound. }. int. main (. int. . argc. , char **. argv. ). {. . foo(. argv. & . Rootkits. Warning. Do not use hacking tools unless you are . sure . you have . sysadmin’s. permission.. Company policy .  fired/suspended. Illegal Go to Jail. Honor Code. Just because you have a set of master-keys does NOT give you permission to drive anyone’s car!. Stack. in the higher parts of memory. Grows down. Used when a . function is called. Data Area. Global variables . not . inizialited. . to zero. BSS [. Block. . Started. by Symbol. ]. Segment. Global variables . Bogi Hansen, Karin M. H. Larsen, Steffen Olsen, Detlef Quadfasel, Kerstin Jochumsen, Svein Østerhus. Canonical value for. IFR-overflow: 1 Sv . IFR. Arctic Mediterranean. WV-overflow:. Western Valley overflow. 10-1/2" 27-1/226-1/2 39"19"18" 1 -1/2" 28-1/222-3/468 11-1/2" 29-1/227-1/2 47-3/4"20-1/2"16-1/2" 1 -1/2" SPECIFICATIONS without overflow with overflow to top of tub to overflow A . buffer is a contiguous allocated chunk of memory. , such as pointers, arrays, lists, etc.. Languages like C and C++ do not feature automatic bounds checking on the buffer, so it can be bypassed.. Dan Fleck. CS469 Security Engineering. Reference: . http://. www.thegeekstuff.com. /2013/06/buffer-overflow/ . Coming up: Buffer Overflows. 1. 1. Buffer Overflows. Buffer overflows occur when some sized portion of memory is overwritten with something bigger..