Smashing The Stack For Fun And Profit - Buffer Overruns
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Smashing The Stack For Fun And Profit - Buffer Overruns

  1. #1
    Senior Member
    Join Date
    Jan 2005
    Posts
    128

    Smashing The Stack For Fun And Profit - Buffer Overruns

    Over the last few months there has been a large increase of buffer
    overflow vulnerabilities being both discovered and exploited. Examples
    of these are syslog, splitvt, sendmail 8.7.5, Linux/FreeBSD mount, Xt
    library, at, etc. This paper attempts to explain what buffer overflows
    are, and how their exploits work.
    Ive been reading alot of articles recently (well, all the time) and i found this one. Not sure the age (or the current relevance because of little knowledge on the programming side of the topic ) but it has shown me alot about buffer overruns and the concepts behind exploiting them.

    Great for a bookmark in firefox :P

    http://www.phrack.org/phrack/49/P49-14

    `smash the stack` [C programming] n. On many C implementations
    it is possible to corrupt the execution stack by writing past
    the end of an array declared auto in a routine. Code that does
    this is said to smash the stack, and can cause return from the
    routine to jump to a random address. This can produce some of
    the most insidious data-dependent bugs known to mankind.
    Variants include trash the stack, scribble the stack, mangle
    the stack; the term mung the stack is not used, as this is
    never done intentionally. See spam; see also alias bug,
    fandango on core, memory leak, precedence lossage, overrun screw.
    http://sfx-images.mozilla.org/affili...88x31/take.gif
    If You\'ve Done Something Right. People Wont Know You\'ve Done Anything At All - God (futurama)

  2. #2
    Senior Member
    Join Date
    Oct 2004
    Posts
    122
    A bit too out dated i guess but certainly a nice place to get introdued to what buffer overflow is.
    If you have read this article properly and tried to have fun practically by exploiting some local buffer overflow then the next step might be reverse shell exploit or bind to port exploit then rebind shell exploit personally i love rebind shell exploits.
    Because they work in most of conditions unlike bind to port or reverse shell exploits which are just a POC(mainly for educational purpose so that we can understand what actually exploits do :P)
    Try this http://www.phrack.org/show.php?p=62&a=7
    nobody is perfect i am nobody

  3. #3
    Member
    Join Date
    Nov 2004
    Posts
    32
    ^ Why is it outdated exactly. Is smashing a stack today any different than smashing a stack was about 4/5yrs ago when that paper was written?

  4. #4
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Posts
    604
    Aleph One's paper is probably THE most influential paper written concerning buffer overflows. It it quite well known and still an excellent read, as well as releveant. Aleph One (Elias Levy) has moderated BugTraq for years and incidentally is a total bad ass.


    -Maestr0
    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

  5. #5
    Banned
    Join Date
    Apr 2004
    Posts
    843
    A bit too out dated i guess but certainly a nice place to get introdued to what buffer overflow is.
    Now your just starting to piss me off just a lil' bit, *******!

    Is smashing a stack today any different than smashing a stack was about 4/5yrs ago when that paper was written?
    Not really... you could make almost any program that accepts input from a user randomly seg-fault.

  6. #6
    Member
    Join Date
    Nov 2004
    Posts
    32
    ^ I knew the answer, it was a rhetorical question

  7. #7
    Banned
    Join Date
    Aug 2004
    Posts
    534
    what i don't get is why are you making a post about "THE" MOST FAMOUS ARTICE on the subject!

    i guess my reply would be....

    YEAH WE DO KNOW!!!

  8. #8
    Member
    Join Date
    Jul 2004
    Posts
    33
    lol i thought i had deja vu.
    Myth1368

  9. #9
    Senior Member
    Join Date
    Jan 2005
    Posts
    128
    well, i found the articles priceless....

    Im not a big programmer anymore, but im big in security and this article is by far the best ive read. I posted knowing that it could be an old article, but it was of such relevance today that for the people who didnt read it, should bloody have a look
    http://sfx-images.mozilla.org/affili...88x31/take.gif
    If You\'ve Done Something Right. People Wont Know You\'ve Done Anything At All - God (futurama)

  10. #10
    Custom User
    Join Date
    Oct 2001
    Posts
    503
    I guess it's a good article, but there have been some recent texts which (IMO) are much simpler to understand. From "Smashing the Stack", I received understanding of what a buffer overflow was, but still found it very difficult to actually implement overflows. But I'd still argue that it was a great explanation of the exploit.

    If you are interested in exploits in general, there is a book called "Hacking: The art of exploitation" that covers quite a few different types of exploits. And once you understand how they all work, it obviously makes it a hell of a lot easier to prevent the exploits from taking place in the first place.

    ac

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides