-
April 21st, 2004, 09:02 PM
#1
Junior Member
Identifying an exploit in source code
I have read a few tutorials on identifying buffer overflows, and how to correct them, but I was wondering if anyone could demonstrate a few examples of an exploit in source code that would not be otherwise found by the average coder (me).
I'm aware of the basic function an overflow has on an operating system, and I would like to be more aware of how to identify this potential danger in my machine.
I would also like to introduce myself with this initial post!
Anyways fellas and ladies, I'll leave the floor open to what I hope should be an informative discussion for myself and anyone else who happens to stumble upon this thread!
-
April 22nd, 2004, 03:21 AM
#2
When you say "my machine", are you talking about looking for exploits in your source code for a website or something?
-
April 22nd, 2004, 03:33 AM
#3
Re: Identifying an exploit in source code
Originally posted here by ziploc
I have read a few tutorials on identifying buffer overflows, and how to correct them, but I was wondering if anyone could demonstrate a few examples of an exploit in source code that would not be otherwise found by the average coder (me).
I'm aware of the basic function an overflow has on an operating system, and I would like to be more aware of how to identify this potential danger in my machine.
I would also like to introduce myself with this initial post!
Anyways fellas and ladies, I'll leave the floor open to what I hope should be an informative discussion for myself and anyone else who happens to stumble upon this thread!
I've always hoped for a tutorial on this. Where someone would write a program that purposely contains flaws, then show how to identify and exploit those flaws. It could maybe even be two parts. First putting up the code and explaining some things. Then give people time to see if they can identify what's wrong with it and come up with exploit code. Then have the second part about the flaws and exploits for the flaws. Just a thought. I just wanted to say that, I really don't know anything about identifying flaws and exploiting them.
-
April 22nd, 2004, 06:56 AM
#4
Chris Shepherd
The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?" -- Failed Insult
Is your whole family retarded, or did they just catch it from you?
-
April 22nd, 2004, 02:59 PM
#5
Junior Member
Originally the duck
When you say "my machine", are you talking about looking for exploits in your source code for a website or something?
I agree with the duck here: are you a coder who wants to know how to check your homemade software, or do you really mean checking all the software on your machine for buffer overflow exploits? If so, good luck; I mean, even if you had the source code for it, it would take eons. From a programmer's point of view, every time you accept user input you need to check to see if they stay inside the limit of whatever you're temporarily storing their request in. Otherwise you have a buffer overflow exploit.
OK, I am oversimplifying, but still..
If you clarify your question a bit, maybe we can give you some more input.
-
April 22nd, 2004, 04:34 PM
#6
Overflows can be very easy to spot, or very difficult. The easy ones to spot are usually where the coder simply forgets to do any bounds checking when handling input; the hard ones may only be found by charting the program flow and analyzing all code segments which process user input. Sometimes you have to follow the input through multiple chunks of code and different paths of execution to find what you are looking for and whether your crafted input can reach the vulnerable code. For starters I would recommend analyzing the code for any calls which are known to cause overflows, such as all the printf family as well as strcpy and its related functions. There are many tools which will automate this process for you, producing a log of calls to vulnerable or suspect functions, such as FlawFinder, Pscan, and TESOgcc. (These are just a few Linux-based tools for starters, which I mention because they are free, but there are many more free and commercial tools available.) These tools can greatly speed up identifying vulnerabilities in source, but remember these tools can only do so much, and can easily miss more complex vulnerabilities. Hope this helps out; if you would like more information just ask.
-Maestr0
"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software." -Jaron Lanier
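Added example (not code from any poster in this thread): the "easy" and "hard" cases described in posts #5 and #6, next to a bounds-checked version. All function names, the 16-byte buffer and the "/home/" prefix are assumptions made for illustration; the inputs in main() are constructed.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16   /* assumed destination size for this example */

/* Easy to spot: no bounds check at all before strcpy(). */
int store_name_unsafe(char *dst, const char *input) {
    strcpy(dst, input);               /* overflows if strlen(input) >= 16 */
    return 0;
}

/* Harder to spot: a check exists, but it lives in another function
 * and measures the raw input, not what is finally written. */
int name_ok(const char *input) {
    return strlen(input) < BUF_SIZE;
}

/* The write reached later also adds a 6-byte prefix, so names of
 * 10..15 bytes pass name_ok() and still overflow dst. A scanner flags
 * the sprintf(); only tracing the data flow shows the check is wrong. */
int build_path_unsafe(char *dst, const char *input) {
    if (!name_ok(input)) return -1;
    sprintf(dst, "/home/%s", input);
    return 0;
}

/* Hardened: bound the write by the destination size and treat
 * truncation as an error instead of silently accepting it. */
int build_path_safe(char *dst, size_t dst_size, const char *input) {
    int n = snprintf(dst, dst_size, "/home/%s", input);
    if (n < 0 || (size_t)n >= dst_size) {
        if (dst_size > 0) dst[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void) {
    char path[BUF_SIZE];
    const char *inputs[] = { "bob", "abcdefghijkl" };   /* constructed */
    for (int i = 0; i < 2; i++) {
        int rc = build_path_safe(path, sizeof path, inputs[i]);
        printf("%-14s -> %s\n", inputs[i], rc == 0 ? path : "rejected");
    }
    return 0;
}
```

When reviewing real code, the second pattern is the one to trace by hand: for each flagged call, compare what the nearest length check measures with what the call actually writes.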
-
April 22nd, 2004, 05:07 PM
#7
Junior Member
maybe this will also contribute
http://www.insecure.org/stf/mudge_bu..._tutorial.html
it's an old article but covers most of the aspects and it's good reading
-
April 22nd, 2004, 07:51 PM
#8
ziploc, sometimes you have to reply if you want some help lol. We asked you what kind of code you are checking for vulnerabilities. We need to know so we can help you out. If you don't reply, how can we help you out? So far everyone is shooting in the dark.
-
April 26th, 2004, 03:33 PM
#9
Junior Member
Create a post before you and your family goes on a little vacation and look what happens! I'm sorry to create any frustration, and I apologise for that!
To further specify my question, I was more or less referring to anything developed in Linux, like the kernel for example, or sendmail, anything related to Linux that is constantly undergoing development. I would just like to try and contribute a bit to the open source world of Linux =D
Believe it or not but those replies have helped a ton! What a great site and I just want to say thanks =D!!