Printable View
Hi,
I see that there are many products (chat clients, browsers, what not?) are prone to buffer overflow attacks.
I also see that some hacker finds the buffer overflow vulnerability and publishes a program to programatically do that.
Now, my question is how do hackers detect such buffer overflow vulnerabilities ?
Thanks,
Rich.
Many Ways,
1. Open Source applications
-> see the source code, look for strcpy, malloc etc which may be vulnerable (let grep guide on your lofty quest ). Be warned not all calls may lead to compromise.
-> Source code auditing tools, RATS/ITS4 and others.
2. Closed Source Applications
-> Black box testing, send malformed data and analyze the responses.
-> using automated tools, SPIKE,bfbtester.
-> You intutions, understnding the application from developers point of view and guessing where the things may have been wrongly placed by the developer.
-> DisAssemblers, debuggers, understaning the ASM and finding flaws. (Halvar Flake's Plugins may be a help :))