EXPERIMENT NO.

3
Name : Bhaskar Kumbhar
Roll No. : 6118023
Aim : Implementation of Buffer Overflow and its analysis & its
countermeasures.

THEORY:
A buffer, in terms of a program in execution, can be thought of as a region of computer’s
main memory that has certain boundaries in context with the program variable that
references this memory. Understanding stack-based overflow attacks involves at least a
basic understanding of computer memory. Memory in a computer is simply a storage place
for data and instructions—data for storing numbers, letters, images, and anything else, and
instructions that tell the computer what to do with the data. Both are stored in the same
memory because memory was prohibitively expensive in the early days of computing, and
reserving it for one type of storage or another was wasteful. Such an approach where data
and instructions are stored together is known as a Von Neumann architecture. It’s still in use
in most computers to this day, though as you will see, it is not without complications. On the
bright side, while security was not a driving factor in early computer and software design,
engineers realized that changing running instructions in memory was a bad idea, so even as
long ago as the ‘90s, standard hardware and operating systems were doing a good job of
preventing changes to instructional memory.

PROGRAM 1 CODE :
PROGRAM 1 OUTPUT :

In the above code, there are two pointers (pointer and danger pointer) which are of size 10
and type char. We first print the address of both the pointers. Enter the data in the pointer
such that the buffer of the pointer overflows with this overflow the data like dir command in
danger pointer is also inserted. Execute the data in dptr in system mode to get the file in the
directory. Thus this code can also be used to delete file, modify data, insert virus, etc. Using
this code, the files in the C directory of machine are listed.

PROGRAM 2 CODE :
PROGRAM 2 OUTPUT :

First the user enters the correct password which does not matches the system password.
Thus it correctly prints that the password is correct. If sys_pass which has default value &
usr_pass which (user enters) and 1 flag(authorized flag) which is initially set set to 0. If sys
pass and usr_pass are same then user is authorization else it is not. The user password
which is entered is such that the buffer overflows and enters the sys_pass & over writes the
stored password such that both the password.
COUNTER MEASURES:
Three main countermeasures can help prevent buffer-overflow attacks:

• Disable unneeded services.

• Protect your Linux systems with either a firewall or a host-based intrusion
prevention system (IPS).
• Enable another access control mechanism, such as TCP Wrappers, that
authenticates users with a password.
• Don’t just enable access controls via an IP address or host name.That can easily be
spoofed.

CONCLUSION:
Hence we have successfully implemented buffer overflow attack and studied its counter
measures.