10/9/12

Buffer Overflow Attack

It is used to write an exploit that enables a hacker to gain access to a system as root (administrator).

On some processor architectures, program code and data are put into memory segments when programs run, such as a text segment for code and a stack segment for passing function arguments and instruction pointers. When we write too much data to a memory buffer (a region in memory), it overflows, overwriting the text segment with whatever we want.

If we insert machine code (processor instructions, not assembler mnemonics) that executes an operating system shell (shellcode) into the text segment, then some vulnerable programs (those that do not guard against the size of arguments copied to a buffer) that run with root privileges can be exploited to give root access. (Just do not cause a segmentation fault by overflowing the buffer even more than necessary.)
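The missing guard on the size of arguments copied to a buffer, shown next to a checked copy. This is an added example, not code from the original post; the names `copy_unchecked`, `copy_checked`, `try_argument` and `NAME_MAX_LEN` are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_MAX_LEN 16 /* constructed buffer size for this example */

/* Unguarded form: strcpy() copies until the NUL terminator and never looks
 * at the size of dst, so a longer argument is written past the end of it.
 * Shown for comparison only; nothing in this file calls it. */
void copy_unchecked(char *dst, const char *arg)
{
    strcpy(dst, arg);
}

/* Guarded form: the caller passes the destination size, and an argument
 * that does not fit together with its terminator is rejected rather than
 * truncated. Returns 0 on success, -1 on bad arguments or oversized input. */
int copy_checked(char *dst, size_t dst_size, const char *arg)
{
    if (dst == NULL || arg == NULL || dst_size == 0)
        return -1;
    /* Look for the terminator within the first dst_size bytes only. */
    const char *end = memchr(arg, '\0', dst_size);
    if (end == NULL) {
        dst[0] = '\0'; /* leave a valid empty string behind */
        return -1;
    }
    memcpy(dst, arg, (size_t)(end - arg) + 1); /* +1 copies the terminator */
    return 0;
}

/* Runs one argument through the guarded copy into a fixed-size buffer. */
int try_argument(const char *arg)
{
    char name[NAME_MAX_LEN];
    return copy_checked(name, sizeof name, arg);
}

int main(void)
{
    /* Constructed sample arguments: short, exactly fitting, one byte too long. */
    const char *samples[] = { "alice", "exactly15chars!", "sixteen_chars_16" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-18s -> %s\n", samples[i],
               try_argument(samples[i]) == 0 ? "copied" : "rejected");
    return 0;
}
```

Rejecting oversized input instead of truncating it keeps a privileged program from acting on a silently shortened argument.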
