revanthn
March 8th, 2002, 07:34 AM
Hi guys,
When we make a system buffer overflow, then how should we send arbitrary commands, as they say, like:
"Buffer overflow and executed arbitrary command"
Does this mean the commands are executed on the OS or the file system which is having the overflow trouble?
How can we execute commands? Is it by encapsulating the command in a UDP packet?

please help

George_ge
April 1st, 2002, 11:43 PM
and why would you like to buffer overflow a system ???

souleman
April 1st, 2002, 11:53 PM
Umm, I really have NO idea what the hell you just said. I see buffer overflow, OS, filesystem, and UDP packets. That's about it.
So....lets see.
Some buffer overflows work on OS's
Some buffer overflows work on file systems.
Buffer Overflows do NOT work on UDP (or TCP, or IP, or SNMP, or etc etc)

Ummm, if you are asking where the buffer overflow is executed, it is executed in RAM. The "buffer overflow" is information that gets run from RAM in unprotected memory space.

If you want to know more, search google. There are plenty of text files about buffer overflows.

If you want to write a buffer overflow, go ahead. Just go someplace else to find out how to do it. Here you won't get anything but flames, because this is not a site on how to write cracks. If you want to learn how to protect your system from buffer overflows, then start dl'ing patches.

And if you are just looking for information out of pure curiosity, learn how to write complete sentences so we can understand them. I know that English isn't your native tongue, but we can't help you if we can't understand you. And I personally don't understand you.

{P²P}Apocalypse
April 2nd, 2002, 12:04 AM
First you have to open the PC case. If it's an ATX leave it as is, if it's an AT turn it on its side. If it's a rackmount remove it. Place the PC in a large watertight container or plastic trash bag. Add detergent and allow it to suds up. Then remove the PC and buff it to a shine. Now to buffer overflow it. You allow the container to overflow with water while buffing the case rigorously while humming the theme to The Matrix. There you have it. The buffer overflow...
Hope this helps... :D

sumdumguy
April 2nd, 2002, 12:50 AM
You allow the container to overflow with water while buffing the case rigorously while humming the theme to The Matrix. There you have it. The buffer overflow...
Hope this helps... :D

That sure helped me... of course I had to bake it in my oven to dry it out.. ;)
but now I have the cleanest mobo in town. Makes dem electrons flow faster too...
try it.. you'll like it...honest.. :rolleyes:

PenguiN42
April 2nd, 2002, 10:52 PM
here, I'll try to be helpful revanthn... understanding buffer overflows requires a detailed understanding of how programs internally use memory. There's no real cookie-cutter way to get a buffer overflow working, it varies by program and by operating system.

The basic gist: a program allocates an empty area in memory for storing an input string or something. The program gets too much input and doesn't check it, and puts it right into the empty area. It ends up overwriting memory after the buffer, which can be data which is changed by the attacker, or code (machine instructions) which are overwritten by the attacker. If it's code, you have to make sure it gets executed too. And you have to be careful not to overwrite anything that's going to crash the program or make things inoperable. So you see, writing a successful buffer overflow exploit requires knowledge of the internal memory structure of the program.

One common kind of buffer overflow is the "stack smash." There's a phrack article -- smashing the stack for fun and profit -- that goes into some detail. I forget what phrack # it is. Basically in a programming language like C, when you call a subroutine it places several things in a memory area called the "stack", including the arguments passed to the subroutine, and a number which points to the instruction in memory after the one that called the subroutine (the return address). Sometimes you can overflow one of the arguments and are able to overwrite the return address, so when the subroutine finishes it returns somewhere different. Usually, you'd make it "return" to a point in your buffer with your own arbitrary code to execute. This requires knowledge of how the binary you're attacking is formatted, so you can input the correct address.

Then there's the question of what you put in your arbitrary code. Usually, you'd put a system call to do something like run a command shell. Again, this requires knowledge of how system calls are set up in machine language in the operating system and hardware you're targeting.

Overall, buffer overflows are not easy to set up. The "arbitrary command" you're executing is usually machine code. You might be able to overflow over UDP, but only if there's a service listening to UDP packets that has an overflow bug in it. Other than known exploits, there's no cookie cutter way to make buffer overflows.

btw, there's also some exploits that I've heard people refer to as "buffer overflows" when they're really not, like the phf %0acat%20/etc/passwd or whatever... this is an evaluation bug that lets the inputted string execute arbitrary unix commands, but it's not a buffer overflow.

lobstertails
April 2nd, 2002, 11:12 PM
When someone requests information, innocently or not, it surprises me how those people with the experience and the know-how ridicule that knowledge seeker. I myself do not know what a system buffer overflow is but mark my words, some day I will! That and much more, god willing, and if I choose to ask for advice here and a so-called senior AntiOnline member with a bunch of little green dots by his or her avatar gives me a sarcastic reply on doing laundry as the solution to my question, then I would be discouraged. PenguiN42 restores my faith in the knowledge sharing dept. P2pApokolipse obviously is much too advanced to help a newbie in his or her search for answers. Such a shame!

{P²P}Apocalypse
April 2nd, 2002, 11:26 PM
Originally posted by lobstertails:
P2pApokolipse obviously is much too advanced to help a newbie in his or her search for answers. Such a shame!

For one, you need to check my profile and see how much I help newbies before you run off at the mouth. I help when someone approaches with a legit question. NOTE: For you!! This is a security site. Not a 5kr1pt k1DD1d3 site for persons wanting to bring about havoc and mayhem. So stop acting as if you are "somebody" and read the posts before you spout off. I go over the top at times helping noobs that are interested in security. Not "hacking" systems, hotmail or the such. You need to get a clue or stay off your mommy's puter. I am getting fed up with babies like you that spout off without reading or doing some research.

I have been working on systems and routing *******s like you since the early 80's. So get a life. I usually retain my decorum in this forum. Lately though, I am aggravated as hell with morons such as yourself. This used to be an excellent forum until people such as yourself turned up. (Hmmmm, you sound like Oblio or some noob.) So I'm putting aside my civility for this post. So as for you, go to hell.

{P²P}Apocalypse
April 2nd, 2002, 11:29 PM
Originally posted by lobstertails:
When someone requests information, innocently or not, it surprises me how those people with the experience and the know-how ridicule that knowledge seeker.
PS...Get some humor in your life. That way you won't come off as such an *******.... :flip:

gold eagle
April 2nd, 2002, 11:34 PM
p2p - just wondering if the detergent should be something like armor-all or would basic dish soap be okay.

{P²P}Apocalypse
April 2nd, 2002, 11:38 PM
Originally posted by gold eagle:
p2p - just wondering if the detergent should be something like armor-all or would basic dish soap be okay.
I use Joy liquid for the most part. It leaves less of a film.... :D

SoggyBottom
April 2nd, 2002, 11:47 PM
p2p, I thought I would test some of our primary servers to see if they were vulnerable to a buffer overflow.

I strictly followed your instructions, and even though the internal hardware polished up quite nicely, the server is now not working, and now people are looking to me for answers.

What should I do so I don't get :drink: :shootem:

{P²P}Apocalypse
April 2nd, 2002, 11:59 PM
Originally posted by SoggyBottom:
p2p, I thought I would test some of our primary servers to see if they were vulnerable to a buffer overflow.

I strictly followed your instructions, and even though the internal hardware polished up quite nicely, the server is now not working, and now people are looking to me for answers.

What should I do so I don't get :drink: :shootem:

Well you have to use a high quality sponge. Not a $.99 job from the local dime store. Also you have to let the sucker air dry or throw it in a maytag dryer. Works great for me. :D

Anyway. Sorry for the rant. But we have a bad problem with a few certain people returning with nick changes after being banned. Just look at some older threads and you'll understand the reason for the reply I made about the buffer overflows. Give the group a chance. I help when I can. I will NOT however help someone crash a server etc... Just try to understand. That's why I didn't give lobstertails antipoints. That way they can research the posts as well as mine before they judge. I'm just a little pissed right now because of some of the BS the Oblio types and such are posting.

KorpDeath
April 3rd, 2002, 12:07 AM
Wow!! Did I come into this thread too late, or what????

buffer overflow exploit=non-trivial exploit=far too time consuming=my opinion

bowlfreak
April 3rd, 2002, 02:04 AM
Sorry for joining this thread late...I was reading some other threads.

Question for P2P...Is Dawn detergent okay as well? It does take grease out of the way. The box does get greasy when it is covered in dust. I have clients asking me the best way to keep their computer clean, and I didn't think to tell them to use Joy.

:-))

str34m3r
April 3rd, 2002, 02:20 AM
Apocalypse, I don't know where you get off telling people to use Joy detergent. I think maybe you have it in for us newbies. I've tried Joy once before and I had nothing but problems with it. You obviously haven't done your research. Clinical studies have shown time and time again that Palmolive is at least 30% more effective than Joy at killing germs and viruses on motherboards.

PenguiN42
April 3rd, 2002, 06:34 AM
Just IMHO -- very humble, since I'm quite new here -- writing in general about how buffer overflow attacks work is not going to help some 5kr1pt k1DD1d3 to bring about havoc and mayhem ... the task just requires too much programming knowledge and skill. Script Kiddies use pre-made code to do the hard part for them, anyway. On the other hand, knowledge of the principles behind things like buffer overflows is important for people interested in security, and especially for programmers who want to write good secure code. I don't know what revanthn's motivation is, nor do i care. I wrote my response knowing that it's not script-kiddie food, and any increase in understanding it may have helped cause in revanthn or anyone else is a good thing.

Sorry if this is getting off-topic

ASA
April 3rd, 2002, 11:36 AM
Flaming is much easier than sharing your knowledge or for some people, flaming is the only way which they think hides their empty brains...
revanthn's question is a really good one, and absolutely requires no flaming.

jcmcb
April 3rd, 2002, 05:03 PM
Has anyone tried bleach? I know it sounds harsh, but it is very effective. Maybe a 1 part in 10 solution?

k41d3r07h
April 3rd, 2002, 05:17 PM
I like PenguiN's approach. If it were a bad question and needed flaming...fine...flame. But how useless is it that MOST OF THE THREAD is about detergent. I mean it is funny...but I'd rather read what PenguiN42 wrote (from which I learned a lot, I might add) than a bunch of jokes. A joke isn't bad...but I hate having to look through dozens of messages to find the good ones. P2P's initial comment was funny..........but there are way too many people trying to kiss his a$$ for antipoints.

Let a joke be a joke, and keep these threads intuitive.
Thank you penguiN42, you give me reason to keep reading

souleman
April 3rd, 2002, 05:39 PM
Well, first of all, the way the question was worded is what caused all the jokes/flames, not the question itself. I still have no idea exactly what the question was. If I could understand what he was asking, I would be more willing to try and help.

Anyway, as someone else stated, buffer overflows are quite involved. If you take the time to search the forums for buffer overflow, you will notice that there are a few tutorials on how to write them. I posted a link in a different thread to a paper that is VERY in depth on how buffer overflows work, and how to write them. I didn't write the paper, so I didn't post it (since I didn't get the authors permission). Anyway, if you take the time to search for Buffer Overflow, right here in the Forum Search box on the main page, you get 338 results. Of course some are not great, but take the time to look.

For those of you who don't know how to use a search engine, click this little link to go directly to the thread where I posted the links to that report.... http://www.antionline.com/showthread.php?s=&threadid=223099

tanqeri
April 13th, 2002, 08:23 PM
I was reading this thread, not understanding jack shit about buffer overflows. my wife was reading it over my shoulder, She commented 'is it about cleaning computers'

That made me giggle!!! :D

Gotta love em... ;)

titanmike
April 13th, 2002, 09:13 PM
P2P, dear computer person, I have used the high quality sponge and followed all the other steps.
Now my question is this: do you leave the power on or not? I did not like the spark thingies and sizzling noise. Oh, and do wear rubber gloves.

ntsa
April 25th, 2002, 07:04 PM
Buffer Overflow and executed arbitrary command

Ok --

Lets say we have the following code:
dim name(10)
name = "12345678901"

This causes an error because the length of the value we specified is larger than the memory space that has been allocated. This is a buffer overflow.

If you wrote this in C and ran it you would get an error message with the memory address of the overflow. This (hex) value refers to the eip pointer which points to the current execution point in the stack.

You can then use a debugger to figure out where other opcodes are loaded in the stack and by moving the eip you can call them. Code run in this manner will run in the security context that started the process.

If you are truly lame, and have far too much time on your hands, you can (largely by trial and error) even 'stuff' the stack full of your own op-codes and call them (the so called arbitrary code).

As I think just about every post to this thread that wasn't about detergent ;) points out - this is a complex thing and if you don't already understand it then you probably need a lot more practice making things before you attempt breaking things.

But hopefully this post explains the basic concept at least (I tried;)) for those of you that are a little :eek: bewildered by it all.
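
Added example (not code from any poster in this thread): a small C program that models the mechanism PenguiN42's stack-smash post and ntsa's dim name(10) example both describe. A fixed-size buffer sits just before the saved return address; an unbounded copy (the strcpy() pattern) runs past the buffer and replaces that address with bytes the attacker chose, while a bounded copy refuses input that does not fit. The 8-byte buffer, the 4-byte address, the value 0x08048500 and all function names are assumptions for illustration. The "frame" is one array rather than a real stack frame, so the overwrite is defined behaviour that can be inspected instead of a crash; a real frame also holds the saved frame pointer, padding and, on modern toolchains, a stack canary between the two.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed layout: an 8-byte local buffer immediately followed by the
 * 4-byte saved return address, as on a 32-bit stack that grows downward.
 * Kept in a single array so every write below is well-defined C. */
#define BUF_LEN   8
#define FRAME_LEN (BUF_LEN + 4)

/* Made-up address of the instruction after the call (hypothetical). */
#define ORIGINAL_RET 0x08048500u

struct frame {
    uint8_t bytes[FRAME_LEN];
};

static void frame_init(struct frame *f, uint32_t saved_ret) {
    memset(f->bytes, 0, FRAME_LEN);
    memcpy(f->bytes + BUF_LEN, &saved_ret, 4);
}

/* What the CPU would load as the return address when the function returns. */
static uint32_t frame_saved_ret(const struct frame *f) {
    uint32_t r;
    memcpy(&r, f->bytes + BUF_LEN, 4);
    return r;
}

/* Interpret four attacker-supplied bytes as an address in host byte order. */
uint32_t addr_from_bytes(const char *b) {
    uint32_t r;
    memcpy(&r, b, 4);
    return r;
}

/* Vulnerable copy: walks the input until its NUL, exactly as strcpy()
 * does, and never consults BUF_LEN. The cap at FRAME_LEN only keeps this
 * demo inside its own array; strcpy() has no such cap. */
static void copy_unbounded(struct frame *f, const char *input) {
    size_t i;
    for (i = 0; input[i] != '\0' && i < FRAME_LEN; i++)
        f->bytes[i] = (uint8_t)input[i];
}

/* Hardened copy: rejects anything that does not fit, NUL included,
 * instead of silently truncating or overrunning. */
static int copy_bounded(struct frame *f, const char *input) {
    size_t n = strlen(input);
    if (n >= BUF_LEN)
        return -1;              /* caller must handle the rejection */
    memcpy(f->bytes, input, n + 1);
    return 0;
}

/* Saved return address after the vulnerable copy has processed input. */
uint32_t ret_after_unbounded(const char *input) {
    struct frame f;
    frame_init(&f, ORIGINAL_RET);
    copy_unbounded(&f, input);
    return frame_saved_ret(&f);
}

/* Status of the bounded copy: 0 accepted, -1 rejected. */
int bounded_copy_status(const char *input) {
    struct frame f;
    frame_init(&f, ORIGINAL_RET);
    return copy_bounded(&f, input);
}

/* Saved return address after the bounded copy has processed input. */
uint32_t ret_after_bounded(const char *input) {
    struct frame f;
    frame_init(&f, ORIGINAL_RET);
    (void)copy_bounded(&f, input);
    return frame_saved_ret(&f);
}

int main(void) {
    /* Constructed attacker input: 8 filler bytes to fill the buffer, then
     * the 4 bytes that land on the saved return address. */
    static const char attack[] = "AAAAAAAA" "DCBA";

    printf("unbounded, benign input:   saved ret = 0x%08x\n",
           ret_after_unbounded("hello"));
    printf("unbounded, attacker input: saved ret = 0x%08x (attacker wanted 0x%08x)\n",
           ret_after_unbounded(attack), addr_from_bytes("DCBA"));
    printf("bounded, attacker input:   status = %d, saved ret = 0x%08x\n",
           bounded_copy_status(attack), ret_after_bounded(attack));
    return 0;
}
```

Build with `cc -std=c99 -Wall -o overflow_demo overflow_demo.c` and run it. On a little-endian machine the attacker input turns the saved return address into 0x41424344, the bytes "DCBA" read back as a 32-bit value, which is why a crash from overflowed input classically faults at an address made of the filler character. The fix is the length check before the copy, not a different copy routine: strncpy() stops after n bytes but does not promise a terminating NUL, so a bound without a rejection path just moves the bug.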

s0nIc
May 10th, 2002, 07:22 AM
simple.. in your code for a buffer overflow.. include some arbitrary commands.. well basically that's what it is.. while the file/system is overflowed it gets confused and executes your arbitrary command..

correct me if I'm wrong..

smirc
May 10th, 2002, 07:59 AM
There's no cookie cutter way to make buffer overflows

I'm glad this was pointed out. I can hear the kiddies screaming now, "does that mean I'll actually have to think? No, NO! It's so much easier when someone types it for me! Can't I download Buffer Overflow 6.4? What will I do?" ;)

<pontification>
For the record I'm willing to help newbies with legitimate questions and I often do, as do most of the senior members. But people keep asking this question, "How do I do a buffer overflow?" and it's getting tiresome. This has gotta be up there with "How do I hack hotmail?" or "How do I use sub7?" in the list of most annoying questions.

When a guy like {P²P}Apocalypse gets pissed off, it really says something about the people asking these stupid questions. He doesn't usually lose his cool. I've been around here long enough to know that. So take his advice and do some homework before you start bitching.
</pontification>

s0nIc
May 10th, 2002, 09:20 AM
LMAO.. haha I love that.. yeah.. unfortunately for SKs buffer overflows can't be done with a script.. hahah just like the time when someone asked me for an "IP Stealer" LMAO
and he thought that IP spoofing can be done easily with a script.. w/o even thinking about the logic behind IP spoofing.. hahaha