October 13th, 2001, 08:15 AM
Complete Idiots Guide to Buffer Overflows
Well, I didn't know where to put this; maybe there should be a programming section. I like the network section, so I just put it here.
OK, this is not a "how to write buffer overflows" or an "in depth on buffer overflows". This is the complete newbie's guide to how buffer overflows work. Anyway, read on:
Buffer overflows are really easy to understand. First, a buffer is a little piece of memory that a program uses to store some information that it's going to use later on; it might write it to the disk, discard it for any reason, or verify it with some other info. Now that you know what a buffer is, we'll get into the overflow.

A buffer overflow is when the buffer is too small to handle the data entered. Say I created a program that created a buffer of 2k to enter my name, and my name comes in over 2k; I enter it as 3k. Now, as you can see, the buffer is too small to handle this amount of data, so two things can happen. 1: It can either reject the data or cut off the data so that only half my name is entered; it goes down to 2k to fill up the buffer. 2: It can overflow and let my whole name enter in, and the last part of my name is then written onto another part of the memory. This is bad.

The memory can be empty or have stuff written to it already, like the computer's instruction stack! This is when it becomes really bad, and this is how crackers take advantage of buffer overflows. What happens is, when they find one, they create data to overflow and run into the computer's instruction stack that has new instructions in it. These instructions are then run with the same privileges as the program being run. As you can see, when buffer overflows are discovered in programs that need to be run as root or admin, it is a big problem. This is how a cracker can become root or admin on a system using a simple buffer overflow.
If anyone would like to add to this, feel free to do so; parker, I bet you want to. Keep in mind this is a complete newbie thread: please no code, just general info on overflows and what they do. I'm pretty sure I covered everything in general, but once again, feel free to add.
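An added example, not from the original post, that shows the two outcomes described above in code. It uses a toy memory layout assumed for illustration: a 16-byte name buffer followed directly by a one-byte "is_admin" flag, both kept inside one array so the spill is deterministic. The function names, the layout and the constructed input are all assumptions; the point is to see the unchecked copy write past the buffer onto the flag, while the truncating and rejecting copies leave it alone.

```c
#include <stdio.h>
#include <string.h>

/*
 * Toy model of a program's memory, assumed for illustration: a 16-byte name
 * buffer at offset 0, followed directly by a one-byte "is_admin" flag.
 * Keeping both in one array makes the spill deterministic and observable
 * (the demo itself never writes outside the array).
 */
#define NAME_SIZE 16
#define FLAG_OFF  NAME_SIZE
#define MEM_SIZE  32

struct memory {
    unsigned char bytes[MEM_SIZE];
};

static void mem_init(struct memory *m)
{
    memset(m->bytes, 0, sizeof m->bytes);   /* empty name, is_admin = 0 */
}

static int mem_is_admin(const struct memory *m)
{
    return m->bytes[FLAG_OFF];
}

static const char *mem_name(const struct memory *m)
{
    return (const char *)m->bytes;
}

/* Outcome 2 from the post: copy the whole name with no size check, so
 * everything past NAME_SIZE lands on whatever follows the buffer.
 * (The clamp only keeps the model's array in bounds; the "program" checks nothing.) */
static int copy_name_unsafe(struct memory *m, const char *name)
{
    size_t n = strlen(name) + 1;            /* include the terminating NUL */
    if (n > MEM_SIZE) n = MEM_SIZE;
    memcpy(m->bytes, name, n);
    return 0;
}

/* Outcome 1, first variant: keep only what fits, always NUL-terminated. */
static int copy_name_truncate(struct memory *m, const char *name)
{
    size_t n = strlen(name);
    if (n > NAME_SIZE - 1) n = NAME_SIZE - 1;
    memcpy(m->bytes, name, n);
    m->bytes[n] = '\0';
    return 0;
}

/* Outcome 1, second variant: refuse the input; memory is left untouched. */
static int copy_name_reject(struct memory *m, const char *name)
{
    size_t n = strlen(name);
    if (n > NAME_SIZE - 1)
        return -1;
    memcpy(m->bytes, name, n + 1);
    return 0;
}

/* Constructed input: 16 'A's fill the buffer exactly; the 17th byte (0x01)
 * is the part of the "name" that no longer fits. */
static const char LONG_NAME[] = "AAAAAAAAAAAAAAAA\x01";

typedef int (*copy_fn)(struct memory *, const char *);

/* Apply one copy strategy to LONG_NAME on fresh memory and report the
 * resulting is_admin flag, or -1 if the copy was rejected. */
static int flag_after(copy_fn copy)
{
    struct memory m;
    mem_init(&m);
    if (copy(&m, LONG_NAME) != 0)
        return -1;
    return mem_is_admin(&m);
}

/* Same, but report how many name bytes ended up stored. */
static size_t name_len_after(copy_fn copy)
{
    struct memory m;
    mem_init(&m);
    copy(&m, LONG_NAME);
    return strlen(mem_name(&m));
}

int main(void)
{
    printf("unsafe:   is_admin=%d stored=%zu bytes\n",
           flag_after(copy_name_unsafe), name_len_after(copy_name_unsafe));
    printf("truncate: is_admin=%d stored=%zu bytes\n",
           flag_after(copy_name_truncate), name_len_after(copy_name_truncate));
    printf("reject:   is_admin=%d stored=%zu bytes\n",
           flag_after(copy_name_reject), name_len_after(copy_name_reject));
    return 0;
}
```

The unchecked copy is the only one that changes is_admin: the 17th byte of the "name" lands exactly on the flag. Which of the two safe variants to prefer depends on the program; truncation silently changes the data, rejection makes the caller deal with it, but neither touches memory past the buffer.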
October 13th, 2001, 09:55 AM
I don't have anything to add but, may I ask a question?
And, go easy on me. I'm not a programmer.
Using your example, a cracker would put 2k of garble followed by Xk of specific code (whatever code he wanted) into the buffer.
If the overflow happened to fall into the instruction stack, his code would eventually be executed.
If his code fell into an area of memory that was not being used by the stack, it would do nothing until it was eventually overwritten by code using that memory location.
Am I close? And, like I said, it's 4AM and I'm no programmer.
October 13th, 2001, 11:09 AM
October 13th, 2001, 08:49 PM
KapperDog: Yes - depending on where the buffer overflow overflows into, different things can happen:
1: into the instruction stack: the code that went into the instruction stack will then execute
2: into unused memory: nothing will happen - eventually something will use that part of memory and just overwrite whatever overflowed into it.
3: into used memory: often results in crashing whatever program was using that memory, but sometimes, if it is just a small overflow, it will just mess the program up in some strange way.
"If you torture the data enough, it will confess." --Ronald Coase
October 13th, 2001, 09:04 PM
October 14th, 2001, 08:06 AM
Yeah, it was midnight when I wrote it and I was pretty tired; sorry about the no paragraphs. Yep, I wrote it myself, unlike that other kid that's been stealing his articles from other sources; this one and my tracing one are completely original.
October 16th, 2001, 01:12 AM
Thanks for the post, I really didn't have a clear understanding of what exactly a buffer overflow was. This article cleared up my misconceptions. Good post, and we do need a programming section.
October 17th, 2001, 06:39 PM
Buffer Shmuffer... JP removed my article about it; it would have followed up nicely on Mutt's intro. Oh well...
Jason Parker - http://www.o-negative.net
o-Negative: Information Network