12/8/13

Heap Overflow type Attacks.

Attacks on applications are one of most commonly used by hackers.

Using errors in programs, intruder can gain privileges at which it (program) was run.

Existence of errors contained in programs gives possibility of accessing data or process memory.

We'll explore how this kind of abuse can be exploited.




'buffer overlov', in this case buffers are on heap (in heap segment).


 photo fnovw_zps1c25afa5.png

'file name overwrite to access private data'.

(perhaps encrypted) system passwords are in /etc/shadow.
root privileges (can check for +s permissions flag) are required to read from /etc/shadow.

unneccessary lines (such as debug printf) are danger to leave, for they give out information about hacker.



for more details please see Literature: [5], [14], perhaps more.


see also, if You wish or need ... : 'Heap Overflow' Hacking Attack.

No comments:

Post a Comment