Slashdot Mirror

← Back to Stories (view on slashdot.org)

How To Conduct Your Very Own Buffer Overflow

Posted by Zonk on Friday May 6, 2005 @10:14AM from the a-bug-of-my-very-own dept.

Adam writes "If you've ever wanted to create your own buffer overflow or just to see how one works, check out this tutorial. The article talks about how a buffer overflow works and gives a guided example through an exploit to help you on your way. Definitely worth checking out." From the article: "Every now and again we all hear about an exploit that takes place thanks to a buffer overflow, but what is a buffer overflow? By definition it is when a program attempts to store more data in an array (buffer) than it was intended to hold, thus overwriting the return address of the function. To show how this is actually done, I'll explain how to do a simple attack on a fairly small program."

3 of 186 comments (clear)

Min score:

Reason:

Sort:

Buffer Overflows by joeytsai · 2005-05-06 10:21 · Score: 5, Informative

The best article about buffer overflows is the well-known "Smashing the Stack for Fun and Profit" by Aleph One in Phrack. Here's the first link google gave me.

Everything else (like this article) pales in comparison.

--
http://www.talknerdy.org
Re:Once again, Zonk lowers the bar. by reynaert · 2005-05-06 10:24 · Score: 5, Informative

The standard text is still Smashing The Stack For Fun And Profit, I think.
Here's a sample... by pg110404 · 2005-05-06 10:28 · Score: 5, Informative

#include
#include <string.h>

char bigBuffer[4096];

void overflowMe();

main()
{
memset(bigBuffer, 0, sizeof(bigBuffer));
overflowMe();
}

/* this function should never return, in fact it
should/might SIGSEGV as the return address will be esentially reset to IP=0x00000000 */
void overflowMe()
{
char localBuffer[256];

/* deliberately copy from a larger buffer to a stack segment buffer more than it can hold */
memcpy(localBuffer, bigBuffer, sizeof(bigBuffer));
}