Stack-based Buffer Overflow

Vulnerability and Exploit Experimental Demonstration (in controlled environment)

 

 

 
 

 

C & C++ Programming Tutorial

 

BOF Home

 

This BOF Home

 

GCC, GDB & FRIENDS TOOLS #1

 

GCC, GDB & FRIENDS TOOLS #2

 

Compiler, Assembler & Linker Story

 

C Memory Functions

 

25 Most Dangerous Programming Errors

What we have in this 'crap'?

 

CHAPTER ONE: INTRODUCTION

 

1.0   Introduction

1.1   Scope and Limitation

1.2   Significance of the Study

 

CHAPTER TWO: LITERATURE REVIEW

 

2.1   The Current Trends

2.2   Detection and Prevention Solutions

2.3   The Current Implementation

2.4   The Exploit Advancement

2.5   Intel Processor Execution Environment

2.5.1  Memory

2.5.2  Registers

2.5.3  Procedure Call

2.5.3.1   Stack

2.5.3.2   General Task of the Stack Set up

2.5.3.3   Procedure Linking Information

2.5.3.4   Calling Procedures Using CALL and RET

2.6   Related Instructions and Stack Manipulation

 

CHAPTER THREE: METHODOLOGY

 

3.1   Introduction

3.2   The Specifications

3.3   Vulnerable Environment Preparation

3.3.1   Disabling the SELinux

3.3.2   Non-Executable Stack and Address Space Randomization

3.4   Preparing the Vulnerable Code

3.5   C Function Call Convention

3.6   Stack Boundary Alignment

3.7   Generating and Testing the Shellcode as a Payload

3.8   Storing the Shellcode in the Environment Variable

3.9   The Exploit: The Miserable setuid Program

3.10   Optional Steps

3.10.1   Disabling the 'Canary' [65]

3.10.2   Flagging the Executable Bit

3.10.3   The bash Shell Protection

 

CHAPTER FOUR: FINDING AND DISCUSSION

 

4.1   The Conditions for Buffer Overflow to Occur

4.1.1   Using Unsafe C Function

4.1.2   No Input Validation

4.1.3   Return Address Adjacent to Code and Data

4.1.4   Suitable Exploit Code Availability

4.2   Current Implementation Review

4.3   The Coding Stage Advantage

4.4   Recommendations

 

CHAPTER FIVE: CONCLUSION AND FUTURE WORK

 

5.1   Research Contribution

5.2   Related Future Work

 

BOF REFERENCE

IMPORTANT ABBREVIATIONS

GENERAL AND SIMPLIFIED VUL. & EXPLOIT FLOW CHART (pdf)

 

 

 

 

Summary

 

This tutorial revisits the stack-based buffer overflow problem which still dominate as one of the top threat to the computer security world. In this tutorial an experimental demonstration presented in a step-by-step manner which cover creating a simple buffer overflow C program, preparing the vulnerable environment and the exploit. It is a controlled experiment (well it is not the real one!), analyzing the vulnerability and how the exploit take action. An ample literature review also provided in the purpose to trace the problem from the lowest level and providing the current information regarding buffer overflow threat detection and prevention. In this case, the trends, current protection and detection techniques also discussed with the weaknesses and strength. At the end, after the demo has been completed the related issues mainly the current and previous detection and prevention mechanisms were discussed. Practical recommendations have been suggested while making the conclusion. The OS used is Fedora 9 as a guest OS on Win XP Pro SP2 machine using VMware.

Note: This is the expanded online report version which has been submitted by writer in partial fulfillment of the Degree program in ICT

 

 

 

 

  
Custom Search

< Part 1 | Part 2 | Part 3 | Part 4 | Part 5 | Part 6 | Part 7 >