-
November 22nd, 2003, 03:47 PM
#1
Junior Member
Request: Buffer Overflow tutorial..
I've been trying to learn buffer overflows for the past few months, and have been having a real difficult time trying to get the concept down. Most tutorials I see work on exploiting already existing vulnerabilities in popular software, but not having vmware or a lab where I can actually go through the steps, I think it pretty difficult. I would love to see a tutorial that exploits a simple program - like the one below. Does anyone know of anything like this, or is anyone willing to write one?
Possibly, the tutorial could explain the registers (which I acutally understand at this point) and the basic address space of a windows system (possibly a linux system too).. I think something like this would be a real beneift to the community!
Cheers!
#include <iostream>
#include <stdio.h>
int main ( )
{
char name[2];
printf("Please type your name: ");
gets(name);
printf("Hello, %s", name);
return 0;
}
-
November 22nd, 2003, 03:50 PM
#2
smashing the stack for fun and profit
-
November 22nd, 2003, 04:15 PM
#3
Junior Member
I've actually seem that but was wondering if there was a similar one based on windows stuff? <G>
-
November 22nd, 2003, 11:47 PM
#4
Well, I don't have a tut for you but I might be of some help... On Monday's (11.17.03) episode of The Screen Savers (TechTV), they had a guy on who talked briefly about buffer overflow exploits... Here's the show notes for that show:
http://www.techtv.com/screensavers/s...566892,00.html
Now they don't have much info on the website, you might be able to catch the show on a rerun over the weekend or something... Or, if you want to get a book regarding these exploits, the guest has authored a book that seems like it might be up your alley:
http://www.amazon.com/exec/obidos/AS...282727-5037645
Hope I was able to be of some help....
-
November 23rd, 2003, 12:55 AM
#5
Well understanding buffer overflows is not as easy as it seems. For example if your trying to teach a newbie about it first they need to know what a buffer is and other things as well. As for a tutorial humm that I think would be quite hard since there would be a lot of areas which you would have to cover.
Check this link out ... I think that some of your questions might be explained hope it helps...
http://www.undergroundnews.com/board...-t-000350.html
That's my 2 cents ...
-
November 23rd, 2003, 01:57 AM
#6
Junior Member
Hi,
I once wrote a pretty basic tutorial when I was still really new to the concept, you may like it ...
http://www.elitehaven.net/buf.zip
-Peter
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|