#header-inner {background-position: right !important; width: 100% !important;}

5/27/14

About 'format string' attacks.

There are many types of programming errors.


They are used to write 'shellcodes', programs (or program parts) that attack erroneous programs to gain 'root' or 'superuser' privileges by a hacker, to 'take over' attacked machine, for example.

Buffer Overflow errors are well known, and there are many ways of protecting against exploiting such, i read.

But there are also other types of exploitable errors.

There's the powerful hack attack called 'format string', tied to a 'bad' use of string formatting functions.

There's no way to fully protect against this type errors, that's why they are considered among most dangerous.


(i'll have to check if it's true and works).


Source: [5].

No comments:

Post a Comment