|
-
November 4th, 2002, 02:38 PM
#1
Junior Member
programming C
Hi,
Im doing stuff quiet a long time with C now (like 6 months) but now i want to learn how to exploit C code, i've read some papers on how to exploit format strings how to exploit malloc() and stuff like that,
but now somebody said that using system() or sprintf() in your code isnt smart, but why?
Does anybody know a good text about this??
Thanks in advance
Encrypted
I\'ll sleap when i\'m dead
-
November 4th, 2002, 02:59 PM
#2
I think you should put this into context.
Both system() and sprintf() are perfectly sound things to use as long as you use them under circumstances where there is no security issue.
Most programs do not need to be particularly security aware. If a program that only manipulates a single user's data by the single user (at once) has an exploit, big deal, that user can hack his own account 
system() is only dangerous if it's used in a server or setuid program or something else where you're running in someone else's security context *and* you pass user-supplied data to it. (spawning external programs from a setuid program in Unix is very dangerous generally anyway, avoid it if at all possible)
Likewise, sprintf's vulnerabilities only appear if you are running under someone else's security context *and* the user gets to manipulate the format string (which is typically fixed).
But like I say, most software doesn't care, because everything is owned and run by the same user.
Using system(), sprintf() and malloc() is typically quite useful for many C programs. It *is* smart to use these functions usually.
-
November 4th, 2002, 03:00 PM
#3
If you are looking to create code to exploit vulnerabilities you have come to the wrong web site. If you are trying to be a better C programmer you might want to check out
http://www.cprogramming.com/
Work... Some days it's just not worth chewing through the restraints... 
-
November 5th, 2002, 06:58 AM
#4
Junior Member
And why exactly would this not be a right site? Is this web site not about computer security? Is this forum not about security programming? Is he asking how to gcc some exploit or something? In fact, this is the kind of thing that should be in this forum. I'm not a regular at this website, but I see no reason for his post not to belong here. I'm sure he, as most of other C programmers is familiar with cprogramming.com . Why posting a link, instead of help or at least your opinion about the correct possible answer???
Anyway, Encrypted, Using
system() isn't smart because your program executes shell commands. Now, if it had root perm ... get the point?
sprintf() - I am really gonna be guesing here, but will look up later (5.46 am here). Since it has infinite size, there might be certain issue with DoS.
-
November 5th, 2002, 11:11 AM
#5
Junior Member
http://mixter.void.ru/vulns.html
http://www.phreak.org/archives/explo...loits/?C=S&O=A
www.synnergy.net/downloads/exploits/
http://www.hoobie.net/security/exploits/
http://www.elhacker.net/exploits/
http://www.uncompiled.com/sections/p...page=phppof728
---------------
Try studying some of these sources. Then, since you obviously know how to make code on your own, try making your own exploit - maybe start of trying to code a same exploit a bit differently, the way you think it could be more efficiant. Then maybe you can find a hole somewhere, and exploit it. Who knows...
-
January 31st, 2003, 06:36 AM
#6
Junior Member
In order to discover vulnerabilities in your C programs you should strive to gain a better understanding of what exactly is going on when your program executes. A deeper understanding of what's happening "under the hood" will allow you to see weaknesses and write exploits for them (i.e. buffer overflows, format strings, etc..)
The best way that I know how to do that (which is also the route that I took) is to learn assembly (assuming you havn't already done so). There is a book out called "Computer Systems: A programmers' Perspective" by Randal E. Bryant and David R. O'Hallaron. This book was written for C programmers who want to write more secure/efficient/elegant code and have a better idea of what's going on behind the scenes of their programs and explains concepts in terms of C code. I highly recommend getting a copy. If you're lucky you might be able to find the beta version in .pdf format on gnutella.
-
April 14th, 2003, 11:45 PM
#7
Banned
If you want to learn how to exploit a C code you should start learning assembly and the way the computer really works.
-
April 17th, 2003, 08:32 AM
#8
Banned
Of couse you must understan about assebly language befor you exploit c code n you must master in how that hardware work and if you wanted to know much about c you also can open in
www.cprogramming.com
good luck ok
-
April 17th, 2003, 08:38 AM
#9
Member
Except that now, five months after the question was posted, I'm sure he's found his answer long ago. Check the dates before you post. Let old strings die.
Do not meddle in the affairs of hackers, for they are subtle and quick to anger.
I am what I am and I do what I can.
-
April 17th, 2003, 01:57 PM
#10
Junior Member
Hi guys,
yeah i found my answer, in fact i just wrote my first buffer overflow exploit
but thanks anyway.
encrypted
I\'ll sleap when i\'m dead
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
