Posted: Mon Jul 05, 2010 3:48 pm Post subject: A question about buffer over flow
I have a few questions in my mind about buffer overflow.
I know what a buffer overflow is, but I want to know what actually happens after the buffer gets overflowed.
Can the students in the lab get admin access from a restricted account by using this buffer overflow technique?
Can anybody explain this fact in detail please? And I have even seen some buffer overflow exploits in Metasploit, but I want to know the theory behind it...
It sounds like you are asking us a homework question. If you are not then please ask us something specific about the buffer overflow process and its intended or accidental consequences.
Posted: Wed Jul 07, 2010 12:14 pm Post subject: Re: A question about buffer over flow
manoj9372 wrote:
I have a few questions in my mind about buffer overflow.
I know what a buffer overflow is, but I want to know what actually happens after the buffer gets overflowed.
Can the students in the lab get admin access from a restricted account by using this buffer overflow technique?
Can anybody explain this fact in detail please? And I have even seen some buffer overflow exploits in Metasploit, but I want to know the theory behind it...
Please feel free to share your thoughts here...
On the internet there are many sources about buffer overflow. If you search, you can find many useful things.
A very good article is this one
Posted: Wed Jul 07, 2010 2:35 pm Post subject: hmmm
I am not asking this for homework, I am just trying to understand what is happening in the system during the buffer overflow. Can anybody post a simple buffer overflow script to understand this better?
Joined: 31 Dec 2008 Posts: 0 Location: Breda, The Netherlands
Posted: Fri Jul 23, 2010 2:29 pm Post subject:
Quote:
Can anybody post a simple buffer overflow script to understand this better?
Example:
Code:
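#include <string.h>

int main(int argc, char **argv){
    char buffer[5];
    /* no length check: an argument longer than 4 characters overflows buffer */
    strcpy(buffer, argv[1]);
    return 0;
}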
This will cause the memory after the buffer to be overwritten if the argument is too large. There is important data after the buffer, which causes the program to be unable to continue running.
As you can see below, a few registers (esp, ebp) are overwritten with the A (0x41).
Code:
(gdb) run AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Starting program: /root/test AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Program received signal SIGSEGV, Segmentation fault.
0x080483d4 in main ()
Current language: auto; currently asm
(gdb) info reg
eax 0xbffff35f -1073745057
ecx 0x41414141 1094795585
edx 0x29 41
ebx 0xb7f3eff4 -1208750092
esp 0x4141413d 0x4141413d
ebp 0x41414141 0x41414141
esi 0x80483f0 134513648
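An added illustration, not part of any post in this thread: the unchecked copy from the example above next to a length-checked version, run against a constructed model of the frame so the effect on the data after the buffer can be observed without undefined behaviour. The struct layout, the `saved` field (a stand-in for the saved ebp) and the function names are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of main()'s frame in the post: the 5-byte buffer and the
   data stored after it. `saved` is a hypothetical stand-in for the saved ebp. */
struct frame {
    char          buffer[5];
    unsigned char saved[4];
};

/* Mimics strcpy(buffer, argv[1]): copies strlen(src)+1 bytes with no regard
   for the buffer size. Clamped to the struct so the model stays well defined. */
static void unchecked_copy(struct frame *f, const char *src) {
    size_t n = strlen(src) + 1;
    if (n > sizeof *f) n = sizeof *f;
    memcpy((unsigned char *)f, src, n);   /* buffer is the first member */
}

/* Hardened form: reject input that does not fit, terminator included. */
static int checked_copy(struct frame *f, const char *src) {
    size_t n = strlen(src) + 1;
    if (n > sizeof f->buffer) return -1;
    memcpy(f->buffer, src, n);
    return 0;
}

/* Runs one copy on a fresh frame and returns the value left in `saved`. */
static uint32_t saved_after(const char *arg, int checked) {
    struct frame f;
    uint32_t v;
    memset(&f, 0, sizeof f);
    memset(f.saved, 0x11, sizeof f.saved);   /* constructed original value */
    if (checked) (void)checked_copy(&f, arg);
    else unchecked_copy(&f, arg);
    memcpy(&v, f.saved, sizeof v);
    return v;
}

int main(void) {
    const char *arg = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; /* as in the gdb run */
    printf("unchecked: saved = 0x%08x\n", (unsigned)saved_after(arg, 0));
    printf("checked:   saved = 0x%08x\n", (unsigned)saved_after(arg, 1));
    return 0;
}
```

The unchecked path leaves 0x41414141 in the field after the buffer, the same pattern gdb shows in ebp, while the checked path rejects the argument and the field keeps its original value.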