
Buffer Overflow: Name: Majed Imad Course: Operating Systems Date: 17/12/2019

Buffer overflows occur when more data is written to a buffer than it can store, overwriting previous data and potentially causing crashes or unpredictable behavior. Some programming languages like C and C++ are more susceptible to buffer overflow issues due to improper input validation. There are two primary types of buffer overflows: stack overflows and heap overflows. Developers can help prevent buffer overflows by checking input length before using unsafe functions, avoiding dangerous functions, and employing protections like non-executable memory and address space layout randomization. Exploits may overwrite the program counter to execute malicious code or redirect execution to system calls to create a shell.

Uploaded by

Majed Imad

BUFFER OVERFLOW

Name: Majed Imad

Course: Operating Systems


Date: 17/12/2019
Definition

• From the word “overflow” we can deduce that a buffer overflow is a buffer that has been filled with more than it can tolerate.
• A buffer overflow occurs when more data is written to a buffer than it can store, overwriting the previous data and causing unpredictable results or crashes.
• Buffer overflows happen when input is not properly validated.
Memory Layout Of A Process
Vulnerability

• Some programming languages are more susceptible to buffer overflow issues, such as C
and C++.
• Buffer overflow vulnerabilities are difficult to find and exploit.
• The malicious extra data may contain code designed to trigger specific actions.
• There are two primary types of buffer overflow vulnerabilities: stack overflow and heap
overflow.
How does it work?
NOP-sled

[Figure: two payload layouts. First: Shellcode | Anything | Ptr. Second: NOP | Shellcode | Ptr.]


How To Prevent a Buffer Overflow?

• The developer must check the input length before using any functions that might cause an
overflow to happen.
• Avoid unsafe functions that can lead to a buffer overflow vulnerability:
printf, sprintf, strcat, strcpy, and gets.
• Protect against buffer overflows by using a compiler extension that inserts canaries.
How To Prevent a Buffer Overflow?

• OS-level changes:
- NX (non-executable memory)
- ASLR (address space layout randomization)
- Stack smashing protections (Stack-Guard)
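
An added example (not from the original slides) of the input-length check and the avoidance of strcpy/strcat listed above, in C. The helper name build_greeting and the sample inputs are hypothetical; BUF_SIZE mirrors the 80-byte buffer in the slides' diagram.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 80  /* same size as the Buffer[80] in the slides */

/* Unsafe pattern the slides warn about (shown only as a comment):
 *     char buf[BUF_SIZE];
 *     strcpy(buf, prefix);   // no length check
 *     strcat(buf, name);     // writes past buf when the input is long
 */

/* Hypothetical helper: joins prefix and name into out (capacity out_size).
 * Returns 0 on success, -1 if the result would not fit or an argument is
 * invalid. On failure out holds an empty string, never a partial copy. */
int build_greeting(char *out, size_t out_size,
                   const char *prefix, const char *name)
{
    if (out == NULL || out_size == 0)
        return -1;
    out[0] = '\0';
    if (prefix == NULL || name == NULL)
        return -1;

    /* Check the input length before any copy happens. */
    size_t plen = strlen(prefix);
    size_t nlen = strlen(name);
    if (plen >= out_size || nlen >= out_size - plen)
        return -1;              /* result needs plen + nlen + 1 bytes */

    /* snprintf writes at most out_size bytes, including the NUL. */
    int n = snprintf(out, out_size, "%s%s", prefix, name);
    if (n < 0 || (size_t)n >= out_size) {
        out[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    char buf[BUF_SIZE];
    char long_name[200];                 /* constructed oversized input */
    memset(long_name, 'A', sizeof long_name - 1);
    long_name[sizeof long_name - 1] = '\0';
    printf("short: %d\n", build_greeting(buf, sizeof buf, "Hello, ", "student"));
    printf("long:  %d\n", build_greeting(buf, sizeof buf, "Hello, ", long_name));
    return 0;
}
```

The oversized input is rejected before any byte is copied, so the destination buffer and the stack data next to it stay intact.
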
Exploitation of protection methods:

• Overwrite the PC
• Let the PC point towards something which can create a shell “/bin/bash”
• Point PC to libc
- The system() call can help us create a shell
Exploitation of protection methods: Return to libc

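[Figure: stack layout for return to libc. Stack regions: Buffer[80], EBP, return. Sizes: 80 Bytes, 4 Bytes, 4 Bytes, 4 Bytes, 4 Bytes. Overwrite labels: NOP, Ptr1, Ptr2, Ptr3. Pointer targets: system(), exit(), /bin/bash. Labels after the return: system(), Ptr2, Ptr3; RET, Arg 1.]
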
Thank You
