Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword
Like this
3Activity
0 of .
Results for:
No results containing your search query
P. 1
buffer overflow attack

buffer overflow attack

Ratings: (0)|Views: 89 |Likes:
Published by api-19937584

More info:

Published by: api-19937584 on Dec 02, 2009
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

03/18/2014

pdf

text

original

Buffer Over\ufb02ow Attack
Renjith Thomas
renjithquadrants@yahoo.co.in
Buffer Over\ufb02ow Attack
by Renjith Thomas
Copyright \u00a9 2003 by Renjith Thomas
Revision History
Revision 1.0 15 Oct 2003 Revised by: RT
Buffer Over\ufb02ow Attack
Table of Contents
Acknowledgement............................................................................... i
1. Introduction................................................................................... 1

Pre-requisites..................................................................................... 1 Linux File System Permissions........................................................... 1 Linux and the C programming language............................................. 2

2. What\u2019s a Buffer Over\ufb02ow?.............................................................. 3

Memory layout................................................................................... 3
Text Segment.............................................................................. 3
Data Segment............................................................................. 3
Stack Segment............................................................................ 3
EIP register, CALL & RET instructions................................................ 5

ESP, EBP........................................................................................... 6 An Illustration.................................................................................... 7 A simple example............................................................................... 8

3. The Attack................................................................................... 11
Shell Code........................................................................................ 11
How to execute /bin/sh ?................................................................. 11
4. Creative stack smashing............................................................... 17
SUID root programs by distribution.................................................. 17
5. Prevention and Security............................................................... 19

Finding Buffer Over\ufb02ows.................................................................. 19
Stack Smashing Prevention.............................................................. 19
Program modi\ufb01cation................................................................ 19
Compiler modi\ufb01cations............................................................. 21
CPU/OS kernel stack execution privilege.................................. 22

6. Conclusion................................................................................... 25
A. References................................................................................... 27
iii

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->