Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Buffer overflow
- what happens if a user sends 1040 bytes of data into a buffer zone that only can hold 1024 bytes of data?
- It would cause the buffer to be overflowed and it would overwrite parts of the memory.
- This way we can write a shell code with start at 1024 bytes and this will brake out of the buffer and be write to the memory if lucky.
- But what is a buffer?
- Imagine that you're eating candy out of a bowl. You take one piece regularly.
- To prevent the bowl from running out, someone might refill the bowl before it gets empty,
- so that when you want to take another piece, there's candy in the bowl.
- The bowl acts as a buffer between you and the candy bag.
- Languages you could need to know if you want to do buffer overflow: C, C++, Fortran, Assembly
- Example of vuln code:
- ...
- char buf[64], in[MAX_SIZE];
- printf("Enter buffer contents:\n");
- read(0, in, MAX_SIZE-1);
- printf("Bytes to copy:\n");
- scanf("%d", &bytes);
- memcpy(buf, in, bytes);
- ...
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement