Buffer_Overflow.docx Buffer Overflow ISSC 363 Buffer Overflow A buffer overflow is defined as the product of excessive data feed into a fixed length buffer then the buffer can actually handle. Basically, a buffer o
...
Buffer_Overflow.docx Buffer Overflow ISSC 363 Buffer Overflow A buffer overflow is defined as the product of excessive data feed into a fixed length buffer then the buffer can actually handle. Basically, a buffer overflow is akin to pouring 10 liters of liquid into a can that can hold 6 liters. After the full capacity has been attained, the remaining fluid will spill. This problem is associated with common software coding mistakes which allow attackers to gain unauthorized access to the system. To understand how buffer overflow exploits occur, it is imperative that one first comprehends the stack activities. A stack refers to a form of data structure which stores crucial information for running processes within a computer. Normally, the system will write down little notes for itself which are thereafter stored in the stack. The modus operandi of a stack follows the Last In, First Out structure where data that is stored last is first to be accessed (Skoudis & Liston, 2007). Hence, the system places elements of data on top of other data elements. The final element, which is placed on top of the data stack, will be accessed first, a process commonly referred to as popping the item off the stack. There are different modes of exploiting the buffer overflow. The œtrampolining technique has commonly been used as an attack mode. Using this approach, the attacker will locate a pointer to the vulnerable stack buffer. Thereafter, they will compute the location of the shellcode relative to this buff. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . .. .. . . . . . . . . . . . . . . . . . .. . . . .
[Show More]