C & C++ Programming Tutorial | BOF Main Page


 

 

 

The Stack-based Buffer Overflow Hands-on Tutorials

 

 

 

 

  1. A stack-based buffer overflow tutorial #1 - Contains a step-by-step process for creating the vulnerable C code and the exploit. The OS used is Fedora Core 3 (kernel 2.6.xx), with a demonstration of escalating the user to root. The whole process has been nicely documented. You will find that not many protection and/or detection mechanisms are implemented at the various stages of the computer system compared to the second tutorial.

  2. A stack-based buffer overflow revisited - This is the 2008 version, demonstrated on Fedora 9 running as a guest OS on Win XP Pro SP2 under VMware. The demonstration explores the related detection and protection mechanisms implemented by Fedora 9 (kernel 2.6.xx). The report also includes important information on the Intel processor execution environment, which is normally missing from most buffer overflow tutorials, references or guides. This information is very important because the compiler's flow of processes is tightly based on this mechanism. In addition, a few 'loopholes' were found that originate from the processor execution environment. The literature review also discusses current and previous detection and protection schemes. The coverage is wide but the presentation is compact. The analysis ends with some practical recommendations and future research on buffer overflow.

 

 

