Slashdot Mirror


How To Conduct Your Very Own Buffer Overflow

Adam writes "If you've ever wanted to create your own buffer overflow or just to see how one works, check out this tutorial. The article talks about how a buffer overflow works and gives a guided example through an exploit to help you on your way. Definitely worth checking out." From the article: "Every now and again we all hear about an exploit that takes place thanks to a buffer overflow, but what is a buffer overflow? By definition it is when a program attempts to store more data in an array (buffer) than it was intended to hold, thus overwriting the return address of the function. To show how this is actually done, I'll explain how to do a simple attack on a fairly small program."

13 of 186 comments (clear)

  1. Hmm by Dante+Shamest · · Score: 5, Funny

    Is the tutorial correct?

    It doesn't seem to wo----

  2. Tutorials? by Anonymous Coward · · Score: 5, Funny

    Tutorials are for wimps.

    Real men create buffer overflows by accident.

    1. Re:Tutorials? by chucks86 · · Score: 5, Funny

      I accidentally created a tutorial once...

      --
      Help a poor college student. Send a couple cents via paypal to chucks86@gmail.com
  3. Thank you but... by frank_adrian314159 · · Score: 4, Funny

    I can overflow buffers quite well on my own without any help.

    --
    That is all.
  4. No Guide Needed! by ThisIsFred · · Score: 5, Funny

    Just teach yourself C! You'll discover every possible way in which things can go wrong, and in no time at all.

    --
    Fred

    "A fool and his freedom are soon parted"
    -RMS
  5. Re:Here's a sample... by HyperChicken · · Score: 3, Funny

    There's a security bug in your code.

    --
    Free of Flash! Free of Flash!
  6. Re:Here's a sample... by pg110404 · · Score: 5, Funny

    There's a security bug in your code.

    Yeah, I know. Here's the patch

    #include <stdio.h>
    main()
    {
    }

  7. Re:Buffer Overflows by Stalyn · · Score: 5, Funny

    I'm sorry but the article you mention is not within the blogosphere and therefore meaningless to today's society. Please either contact this "Aleph One" to create a blog and post his/her article there or remove it from your message. Thank You.

    --
    The best education consists in immunizing people against systematic attempts at education. - Paul Feyerabend
  8. Re:News? by telstar · · Score: 4, Funny
    What's next, "How To Conduct Your Very Own Segmentation Fault"?
    • nope .... "How to Slashdot a webserver."
  9. How To Slahdot Your Very Own Server by Electron · · Score: 3, Funny

    Zonk writes "If you've ever wanted to slashdot your own server or just to see how one works, check out this tutorial. The article talks about how the slashdot effect works and gives a guided example through an exploit to help you on your way. Definitely worth checking out." From the article: "Every now and again we all hear about a server disappearing from the face of the earth thanks to the slashdot effect, but what is the slashdot effect? By definition it is when a slashdot editor posts a link on the frontpage to a small server without using coral cache and zillions of slashdotters click on the link the minute the story is published, thus hammering the server into oblivion. To show how this is actually done, I'll explain how to submit a story with a link to your own server by praising Apple, dissing Microsoft or revealing more SCO conspiracies."

  10. account suspended :) by Inigo+Montoya · · Score: 3, Funny

    The /. effect knocked the account out of existence!

    "Account Suspended
    Your account has been suspended for 1 of 2 reasons.

    1. Your bill is over due. In this case please email billing@vizaweb.com

    2. You account what causing a problem of some sort. In this case please contact CustomerCare@vizaweb.com"

    hmm... Even Slashdotted sites can't spell!

  11. Submitter's full name by Mr.+Underbridge · · Score: 4, Funny
    Zonk posts a story from a submitter that wrote the page being submitted for the story, who, as it turns out, blatantly plagarized the content from Bryant and O'Hallaron's Computer Systems book.

    The submitter's full name is Adam Piquepaille.

  12. Well I got: by cmacb · · Score: 4, Funny
    Internal Server Error
    The server encountered an internal error or misconfiguration and was unable to complete your request.

    Please contact the server administrator, webmaster@collegebums.org and inform them of the time the error occurred, and anything you might have done that may have caused the error.

    More information about this error may be available in the server error log.

    Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.
    So I guess the overflow worked even better than he thought it would.