Question

Discuss how a stack buffer overflow attack is implemented.

Answer 1

In a buffer overflow attack, attacker would exploit by taking advantage of a program that is waiting on a user’s input. In stack based buffer overflow, the attacker stores a lot of data in the stack leading to its overflow.

Below is an example of C code executing stack overflow attack:

#include <stdio.h>

#include <string.h>

#include <stdlib.h>

int main(int argc, char *argv[])

{

  // Reserve 5 byte of buffer plus the terminating NULL.

  // should allocate 8 bytes = 2 double words,

  // To overflow, need more than 8 bytes...

  char buffer[5]; // If more than 8 characters input

            // by user, there will be access

            // violation, segmentation fault

  // a prompt how to execute the program...

  if (argc < 2)

  {

      printf("strcpy() NOT executed....\n");

      printf("Syntax: %s <characters>\n", argv[0]);

      exit(0);

  }

  // copy the user input to mybuffer, without any

  // bound checking a secure version is srtcpy_s()

  strcpy(buffer, argv[1]);

  printf("buffer content= %s\n", buffer);

  printf("strcpy() executed...\n");

  return 0;

}

OUTPUT:

Input  : 12345678 (8 bytes), the program run smoothly.

 Input : 123456789 (9 bytes)
"Segmentation fault" message will be displayed and the program terminates.