Skip to main content

Posts

Vanilla Buffer Overflow And Attack On Linux Platform

Buffer Overflow Attack: What is buffer Overflow: A buffer overflow happens when too much data put into the buffer which exceed the length of buffer defined and memory corruption happens or application crashes. From Crashing to Exploit: After crashing a application with a fuzzer,next step to own the Application or exploit the Application.so after overflown the extra data is overwriteen to EIP register.we will discuss more in the upcoming blogs.so if we point the EIP to the shellcode we can exploit the application or vulnerability. Here we will discuss exploit and gdb on Linux platform.first we will discuss gdb . so far in the Internet we have seen lots of tutorials regarding Exploit,but in modern L:inux there are lots of protection like DEP,ASLR.so we have to disable that in the OS ASLR is implemented by the kernel and the ELF loader by randomising the location of memory allocations (stack, heap, shared libraries, etc). This makes memory addresses harder to predict when an attacker is a

Buffer Overflow And Exploits

Buffer: Well buffer is nothing,but small amount of memory used for temporary storage of data, usually to compensate for different in processing or transmitting speeds of two connected devices,such as computer and a Printer or any devices. Stack: The stack is an area of memory that holds temporary data followed by LIFO(Last In First Out) data structure where items are “pushed” and “popped” onto them. The data is placed on the stack by PUSH operation and removed by POP operation. Let's do same thing by doing some illustration below. First PUSH operation PUSH 1 PUSH 2 PUSH 3 After PUSH Operation: The below is how looks stack after PUSH operation happened Second POP operation: POP EAX POP EBX POP ECX After POP operation: The below is how look like in the stack after POP operation happened in the stack So the following things we have concluded: The current location of  the stack pointer can be accessed at any given time by accessing the stack  pointer register (ESP). The current base of