i Would really hopefull for anybody helps me learning the Overflow And overrun with any tutorials , books or texts.
i readed the things about them in hacker Jargon's Section..
but i need sumthing that may help learning that..
Printable View
i Would really hopefull for anybody helps me learning the Overflow And overrun with any tutorials , books or texts.
i readed the things about them in hacker Jargon's Section..
but i need sumthing that may help learning that..
if the book in Chinese ??
sorry i only know English and not Good english
:D i hope its English !
Yea check out "Smashing The Stack For Fun And Profit" theres loads and load and loads of papers on www.packetstormsecurity.com
You really need to learn how to use google to prosper, its not difficult...heres the link www.google.com
its amazing!
i2c
so I am sorry I can't help u because of my poor English and poor knowledge about Overflow And overrun :D
but....hmm.....I can introduce a very good teacher (good at English maybe German) for u .... ;)
thx for ur reply
i tried The Googls in First Class but didn't get any helpfull results..
there is a brand new tutorial about buffer overflow here. Take a look here.
http://www.antionline.com/showthread...hreadid=258281
Hi
Buffer OverFlow in it's easiest form is not very Difficult Topic to understand.....It's a problem in C and C++ because it dosen't have automatic bound checking mechanism.Quote:
Originally posted here by rOCk-MaStEr
man i know a Basic C programming
so can u give me a Tutorial of C in what i need to learn this Buffer overflow
then When you create a Array mamory is allocated for the Array ....Memory is allocated in continuous memory locations. its not like it goes to find a new memory location which is free for the next element......Say You create a array
char buffer[8];
What will happen in memory is 8 bytes get reserved in the memory...(16 For integers and so on ............16 because each of the 8 integers would be 2 bytes long)
Something like this Internally Arrays too use pointers.......... If you feed in a 8 digits the numbers will be stored in the array in those consecutive boxes .........A buffer overflow occurs when something very large is placed in a box far too small for it to fit. It's all gotta go somewhere so it gets spilled over say you feed 11 digitsCode:
_____ ______ _____ _____ _____ _____ _____ _____
|_____|______|_____|_____|_____|_____|_____|_____|
4002 4003 4004 4005 4006 4007 4008 4009
Code:
_____ ______ _____ _____ _____ _____ _____ _____
|_____|______|_____|_____|_____|_____|_____|_____|
4002 4003 4004 4005 4006 4007 4008 4009 4010 4011 4012
Look at the above program We have created a array of 8. So 8 consecutive memory locations will be assigned to the array.......The ninth memory location might be holding data from another program........and our program will overight it ... this might cause the program holding that location to carsh or become destable.........Code:Void over(void)
{
int i;
char buffer[8];
for(i=0;i<200;i++)
buffer[i]='A';
return;
}
To prevent Buffer overflow You should always use libraries which have a Autometic Bound Checking such as Striing.h and functions like strncpy,snprintf,fgets,strncat etc.which have automatic bound checking.......
Read this Link Analysis of Buffer Overflow Attacks] I think it describes Buffor OverFlow in very Compheriensive way with code Examples ...I thik it was the best Tutorial i found that made me(a newbe) understand it ....
and this
Dangers in C/C++
--Good Luck--
[Edit]
Hey Originaly Just wanted to give you the link But was just bored so wrote all that......I think i have way too much time on my hand..:D
. :( i have no idea how they make those pretty pictures in ASCII ..i never can you know i had to Edit this think 19 times to get those two lines in place........and still they look a bit weird... :(
Try writing it in notepad or some other ascii editor and pasting it in. I'm not sure if it would work with your "ascii art", but it's worked for me before doing other things (alright, I can't remember what, but it has...I'm sure :P)
ac
Thx alot Swordfish for ur explaining.. it really helped man and for the links..
and the Ascii Thingy is Good :D