Thread: Identifying an exploit in source code

  1. #1
    Junior Member
    Join Date
    Apr 2004
    Posts
    7

    Identifying an exploit in source code

    I have read a few tutorials on identifying buffer overflows, and how to correct them, but I was wondering if anyone could demonstrate a few examples of an exploit in source code that would not be otherwise found by the average coder(me).

    I'm aware of the basic function an overflow has on an operating system, and I would like to be more aware of how to identify this potential danger in my machine.

    I would also like to introduce myself with this initial post!

    Anyways fellas and ladies, I'll leave the floor open to what I hope should be an informative discussion for myself and anyone else who happens to stumble upon this thread!

  2. #2
    AFLAAACKKK!!
    Join Date
    Apr 2004
    Posts
    1,066
    When you say "my machine", are you talking about looking for exploits in your source code for a website or something?
    I am the uber duck!!1
    Proxy Tools

  3. #3
    Elite Hacker
    Join Date
    Mar 2003
    Posts
    1,407

    Re: Identifying an exploit in source code

    Originally posted here by ziploc
    I have read a few tutorials on identifying buffer overflows, and how to correct them, but I was wondering if anyone could demonstrate a few examples of an exploit in source code that would not be otherwise found by the average coder(me).

    I'm aware of the basic function an overflow has on an operating system, and I would like to be more aware of how to identify this potential danger in my machine.

    I would also like to introduce myself with this initial post!

    Anyways fellas and ladies, I'll leave the floor open to what I hope should be an informative discussion for myself and anyone else who happens to stumble upon this thread!
    I've always hoped for a tutorial on this, where someone would write a program that purposely contains flaws, then show how to identify and exploit those flaws. It could maybe even be two parts. First, putting up the code and explaining some things; then giving people time to see if they can identify what's wrong with it and come up with exploit code; then the second part about the flaws and the exploits for them. Just a thought. I just wanted to say that; I really don't know anything about identifying flaws and exploiting them.

  4. #4
    Senior Member
    Join Date
    Nov 2001
    Posts
    1,255
    This link: http://community.core-sdi.com/~gera/...reProgramming/
    has most of what you are looking for.
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    "Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

  5. #5
    Junior Member
    Join Date
    Jan 2004
    Posts
    20
    Originally the duck:
    When you say "my machine", are you talking about looking for exploits in your source code for a website or something?
    I agree with the duck here. Are you a coder who wants to know how to check your home-made software, or do you really mean checking all the software on your machine for buffer overflow exploits? If so, good luck; I mean, even if you had the source code for it, it would take eons. From a programmer's point of view, every time you accept user input you need to check that it stays inside the limit of whatever you're temporarily storing the request in. Otherwise you have a buffer overflow exploit.

    OK, I am oversimplifying, but still...

    If you clarify your question a bit, maybe we can give you some more input.

  6. #6
    Senior Member
    Join Date
    May 2003
    Posts
    604
    Overflows can be very easy to spot, or very difficult. The easy ones to spot are usually where the coder simply forgets to do any bounds checking when handling input. The hard ones may only be found by charting the program flow and analyzing all code segments which process user input; sometimes you have to follow the input through multiple chunks of code and different paths of execution to find what you are looking for and whether your crafted input can reach the vulnerable code. For starters I would recommend analyzing the code for any calls which are known to cause overflows, such as all of the printf family as well as strcpy and its related functions. There are many tools which will automate this process for you, producing a log of all calls to vulnerable or suspect functions, such as FlawFinder, Pscan, and TESOgcc (these are just a few Linux-based tools for starters, which I mention because they are free, but there are many more free and commercial tools available). These tools can greatly speed up identifying vulnerabilities in source, but remember these tools can only do so much, and can easily miss more complex vulnerabilities. Hope this helps out; if you would like more information, just ask.

    -Maestr0
    "If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software." -Jaron Lanier
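The two points made above, in reply #5 (check that user input stays inside the limit of whatever you store it in) and in reply #6 (review every call to unbounded functions such as strcpy and the printf family, which tools like FlawFinder automate), as one worked example in C. This is an added illustration, not code from the thread and not FlawFinder's, Pscan's or TESOgcc's logic; the suspect-call list, NAME_LEN, the sample source text and all function names are assumptions made for it.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16   /* assumed fixed buffer size for the example */

/* The pattern reply #5 warns about: input copied into a fixed buffer with no
 * bounds check. strcpy stops only at the NUL, so an input longer than 15
 * characters runs past name[]. Kept as the "before" form for contrast. */
void store_name_unchecked(char name[NAME_LEN], const char *input)
{
    strcpy(name, input);
}

/* Hardened form: confirm the input fits (terminator included) before copying,
 * and refuse it otherwise. Returns 1 on success, 0 if the input is too long. */
int store_name(char name[NAME_LEN], const char *input)
{
    size_t n = strlen(input);
    if (n >= NAME_LEN)            /* n + 1 bytes needed, NAME_LEN available */
        return 0;
    memcpy(name, input, n + 1);   /* bounded copy, NUL included */
    return 1;
}

/* Accept/reject decision only, so it can be checked without a caller buffer. */
int name_fits(const char *input)
{
    char tmp[NAME_LEN];
    return store_name(tmp, input);
}

/* Unbounded copy/format calls to review by hand (assumed list for this example). */
static const char *SUSPECT_CALLS[] = {
    "strcpy(", "strcat(", "sprintf(", "vsprintf(", "gets(", NULL
};

/* True if `line` calls `name` as a whole identifier, so that "fgets(" is not
 * reported as "gets(". Naive substring tools produce exactly that false hit. */
static int has_call(const char *line, const char *name)
{
    const char *m = line;
    while ((m = strstr(m, name)) != NULL) {
        if (m == line || !(isalnum((unsigned char)m[-1]) || m[-1] == '_'))
            return 1;
        m++;
    }
    return 0;
}

/* Scans `source` (a whole file as one string) line by line; returns how many
 * lines call a suspect function and stores up to `max` 1-based line numbers
 * in `hits`. A toy version of what the scanners named in reply #6 automate. */
int scan_for_suspect_calls(const char *source, int *hits, int max)
{
    int line = 1, count = 0;
    const char *p = source;
    while (*p) {
        const char *end = strchr(p, '\n');
        size_t len = end ? (size_t)(end - p) : strlen(p);
        char buf[256];
        if (len >= sizeof buf) len = sizeof buf - 1;   /* truncate long lines */
        memcpy(buf, p, len);
        buf[len] = '\0';
        for (int i = 0; SUSPECT_CALLS[i]; i++) {
            if (has_call(buf, SUSPECT_CALLS[i])) {
                if (count < max) hits[count] = line;
                count++;
                break;                                  /* one report per line */
            }
        }
        if (!end) break;
        p = end + 1;
        line++;
    }
    return count;
}

/* Returns the idx-th (0-based) flagged line number of `source`, or 0 if none. */
int suspect_line(const char *source, int idx)
{
    int hits[64];
    int n = scan_for_suspect_calls(source, hits, 64);
    return (idx >= 0 && idx < n && idx < 64) ? hits[idx] : 0;
}

/* Constructed sample source: lines 4 and 6 should be flagged; lines 7 and 8
 * use bounded calls (fgets, strncpy) and should not. */
const char SAMPLE_SOURCE[] =
    "#include <string.h>\n"                         /* 1 */
    "void greet(const char *in) {\n"                /* 2 */
    "    char name[16], msg[64];\n"                 /* 3 */
    "    strcpy(name, in);\n"                       /* 4 */
    "    char *p = name;\n"                         /* 5 */
    "    sprintf(msg, \"hello %s\", p);\n"          /* 6 */
    "    fgets(msg, sizeof msg, stdin);\n"          /* 7 */
    "    strncpy(name, in, sizeof name - 1);\n"     /* 8 */
    "}\n";

int main(void)
{
    for (int i = 0; suspect_line(SAMPLE_SOURCE, i); i++)
        printf("line %d: unbounded call, check the destination size\n",
               suspect_line(SAMPLE_SOURCE, i));
    printf("\"alice\" fits: %d, 16-char name fits: %d\n",
           name_fits("alice"), name_fits("exactly16chars!!"));
    return 0;
}
```

The scanner only finds the "easy" class from reply #6: a flagged line is a place to start reading, not a finding, and a strcpy whose source was already length-checked three functions earlier will still be listed, while an off-by-one in a hand-written loop will not.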

  7. #7
    Junior Member
    Join Date
    Apr 2004
    Posts
    1
    Maybe this will also contribute:
    http://www.insecure.org/stf/mudge_bu..._tutorial.html

    It's an old article, but it covers most of the aspects and it's good reading.

  8. #8
    AFLAAACKKK!!
    Join Date
    Apr 2004
    Posts
    1,066
    ziploc, sometimes you have to reply if you want some help, lol. We asked you what kind of code you are checking for vulnerabilities. We need to know so we can help you out. If you don't reply, how can we help you out? So far everyone is shooting in the dark.
    I am the uber duck!!1
    Proxy Tools

  9. #9
    Junior Member
    Join Date
    Apr 2004
    Posts
    7
    Create a post before you and your family go on a little vacation and look what happens! I'm sorry to create any frustration, and I apologise for that!

    To further specify my question, I was more or less referring to anything developed in Linux, like the kernel for example, or sendmail; anything related to Linux that is constantly undergoing development. I would just like to try and contribute a bit to the open source world of Linux =D

    Believe it or not, those replies have helped a ton! What a great site, and I just want to say thanks =D!!
