Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword or section
Like this
1Activity

Table Of Contents

Introduction to Buffer Overflows
Generalities
1.1 Process memory
1.1.1 Global organization
1.1.2 Function calls
1.2 Buffers, and how vulnerable they may be
Stack overflows
2.1 Principle
2.2 Illustration
2.2.2 Attack via environment variables
2.2.3 Attack using gets
Heap overflows
3.1 Terminology
3.1.1 Unix
3.1.2 Windows
3.2 Motivations and Overview
3.3 Overwriting pointers
3.3.1 Difficulties
3.3.2 Interest of the attack
3.3.3 Practical study
3.4 Overwriting function pointers
3.4.1 Pointer to function: short reminder
3.4.2 Principle
3.4.3 Example
3.5 Trespassing the heap with C ++
3.5.1 C++ Background
3.5.2 Overwriting the VPTR
3.5.3 Conclusions
3.6 Exploiting the malloc library
3.6.1 DLMALLOC: structure
3.6.2 Corruption of DLMALLOC: principle
Introduction
How does Libsafe work?
5.1 Presentation
5.2 Why are the functions of the libC unsafe ?
5.3 What does libsafe provide ?
The Grsecurity Kernel patch
6.1 Open Wall: non-executable stack
6.2 PaX: non-executable stack and heap
6.2.1 Overview
6.2.2 Implementation
6.3 Escaping non-executable stack protection: return into libC
Detection: Prelude
7.1 Prelude and Libsafe
7.2 Shellcode detection with Prelude
7.2.1 Principle
7.2.2 Implementation
7.3 A new danger: plymorphic shellcodes
7.3.1 Where the danger lies
7.3.2 How to discover it ?
First steps toward security
Installations
8.1 Installing Libsafe
8.2 Patching the Linux Kernel with Grsecurity
8.3 Compile time protection: installing Stack Shield
8.4 Intrusion Detection System: installing Prelude
Protections activation
9.1 Setting up Libsafe
9.1.1 LD PRELOAD
9.1.2 /etc/ld.so.preload
9.2 Running Prelude
9.2.1 Libsafe alerts
9.2.2 Shellcode attack detection
Tests: protection and performance
Protection efficiency
10.1 Exploits
10.1.1 Stack overflow
10.1.2 Heap overflow
10.2 Execution
10.2.1 Zero protection
10.2.2 Libsafe
10.2.3 Open Wall Kernel patch
10.2.4 PaX Kernel patch
10.2.5 Stack Shield
10.3 Synthesis
Performance tests
11.1 Process
11.2 Analysis
11.3 Miscellaneous notes
A solution summary
Programming safely
13.1 Limitations of libsafe
13.2 Benefits
The Grsecurity patch
14.1 A few drawbacks
14.2 Efficiency
Combining PaX and Prelude
B.1 Overview
B.2 PaX logs analysis
Performance tests figures
0 of .
Results for:
No results containing your search query
P. 1
A Buffer Overflow Study

A Buffer Overflow Study

Ratings: (0)|Views: 314|Likes:
Published by swordfin
IT
IT

More info:

Categories:Presentations
Published by: swordfin on Sep 26, 2013
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

12/14/2013

pdf

text

original

You're Reading a Free Preview
Pages 7 to 81 are not shown in this preview.
You're Reading a Free Preview
Pages 85 to 102 are not shown in this preview.

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->