Identifying an exploit in source code
I have read a few tutorials on identifying buffer overflows, and how to correct them, but I was wondering if anyone could demonstrate a few examples of an exploit in source code that would not be otherwise found by the average coder(me).
I'm aware of the basic function an overflow has on an operating system, and I would like to be more aware of how to identify this potential danger in my machine.
I would also like to introduce myself with this initial post!
Anyways fellas and ladies, I'll leave the floor open to what I hope should be an informative discussion for myself and anyone else who happens to stumble upon this thread!
Re: Identifying an exploit in source code
Quote:
Originally posted here by ziploc
I have read a few tutorials on identifying buffer overflows, and how to correct them, but I was wondering if anyone could demonstrate a few examples of an exploit in source code that would not be otherwise found by the average coder(me).
I'm aware of the basic function an overflow has on an operating system, and I would like to be more aware of how to identify this potential danger in my machine.
I would also like to introduce myself with this initial post!
Anyways fellas and ladies, I'll leave the floor open to what I hope should be an informative discussion for myself and anyone else who happens to stumble upon this thread!
I've always hoped for a tutorial on this. Where someone would write a program that purposely contains flaws, then show how to identify and exploit those flaws. It could maybe even be two parts. First putting up the code and explaining some things. Then give people time to see if they can identify what's wrong with it and come up with exploit code. Then have the second part about the flaws and exploits for the flaws. Just a thought. I just wanted to say that, I really don't know anything about identifying flaws and exploiting them.