Question

In: Computer Science

Discuss how a stack buffer overflow attack is implemented.

Discuss how a stack buffer overflow attack is implemented.

Solutions

Expert Solution

In a buffer overflow attack, attacker would exploit by taking advantage of a program that is waiting on a user’s input. In stack based buffer overflow, the attacker stores a lot of data in the stack leading to its overflow.

Below is an example of C code executing stack overflow attack:

#include <stdio.h>

#include <string.h>

#include <stdlib.h>

int main(int argc, char *argv[])

{

  // Reserve 5 byte of buffer plus the terminating NULL.

  // should allocate 8 bytes = 2 double words,

  // To overflow, need more than 8 bytes...

  char buffer[5]; // If more than 8 characters input

            // by user, there will be access

            // violation, segmentation fault

  // a prompt how to execute the program...

  if (argc < 2)

  {

      printf("strcpy() NOT executed....\n");

      printf("Syntax: %s <characters>\n", argv[0]);

      exit(0);

  }

  // copy the user input to mybuffer, without any

  // bound checking a secure version is srtcpy_s()

  strcpy(buffer, argv[1]);

  printf("buffer content= %s\n", buffer);

  printf("strcpy() executed...\n");

  return 0;

}

OUTPUT:

Input  : 12345678 (8 bytes), the program run smoothly.
 Input : 123456789 (9 bytes)
"Segmentation fault" message will be displayed and the program terminates.

Related Solutions

Describe why a stack canary would not be useful against a heap overflow attack.
Describe why a stack canary would not be useful against a heap overflow attack.
How integer overflow can be exploited for buffer overflow attacks?
How integer overflow can be exploited for buffer overflow attacks?
I am exploiting a buffer overflow attack and need to find three pieces of information in...
I am exploiting a buffer overflow attack and need to find three pieces of information in Linux using gdb. 1) The address of the function system 2) The address of the function parameter for system() which is /bin/sh. /bin/ parameter is what will spawn a shell 3) The address of a function that can exit the shell. I was able to use gbd commands to find the first two but what command would I use to find the address of...
Write a testing program (not sort.c from task 2) that contains a stack buffer overflow vulnerability....
Write a testing program (not sort.c from task 2) that contains a stack buffer overflow vulnerability. Show what the stack layout looks like and explain how to exploit it. In particular, please include in your diagram: (1) The order of parameters (if applicable), return address, saved registers (if applicable), and local variable(s), (2) their sizes in bytes, (3) size of the overflowing buffer to reach return address, and (4) the overflow direction in the stack (5) What locations within the...
How can buffer overflows be avoided and what are the steps involved in a buffer overflow...
How can buffer overflows be avoided and what are the steps involved in a buffer overflow exploit? What are some of the C functions susceptible to buffer overflow?
Research on buffer overflow attacks. How do the various types of overflow attacks differ? When did...
Research on buffer overflow attacks. How do the various types of overflow attacks differ? When did they first start to occur? What can they do and not do? What must a programmer do to prevent a buffer overflow? Answer briefly in your own words.
How format string vulnerabilities can be exploited for buffer overflow attacks?
How format string vulnerabilities can be exploited for buffer overflow attacks?
What is an NX (no-execute) bit, and how can it be used to counter buffer overflow...
What is an NX (no-execute) bit, and how can it be used to counter buffer overflow attacks?
Research buffer overflow attacks and develop a timeline of major attacks. Comment on why the buffer...
Research buffer overflow attacks and develop a timeline of major attacks. Comment on why the buffer overflow vulnerability still exists
Question 1.) Discuss SBAR and how it is implemented.
Question 1.) Discuss SBAR and how it is implemented.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT