Tenouk - A complete C, C++ and Buffer Overflow resources

Tenouk's C programming and buffer overflow programming flaw on Linux and Windows OS tutorial. Experience a step-by-step, hands-on approach, with working C program examples and experimental demonstrations for the buffer overflow threats and software exploits

 

 

 

About

 

Home

 

C/C++ Standards

 

Using C/C++ Compilers

 

C/C++ Tutorial

 

C and Win32 Tutorial

 

C and Winsock2 Tutorial

 

C, Winsock 2 and IPv6 Tutorial

 

C and Linux Socket Tutorial

 

C++ and Object Oriented Tutorial

 

C and C++ Standard Library Online Documentation

 

 

C/C++ and Buffer Overflow

 

C++ and Standard Template Library (STL)

 

C++ and Microsoft Foundation Class (MFC)

 

C, C++ AND BUFFER OVERFLOW:

README FIRST

 

Every C/C++ coder or programmer must know the buffer overflow problem before they do the coding. A lot of bugs generated, in most cases can be exploited as a result of buffer overflow. There are many security portals that provide buffer overflow information and updated daily. In most cases the buffer overflow problems are overcame by providing patches and Service Packs. The term 'buffer' used is general because there are several type of buffers that normally can be over flown such as stack and heap.

This tutorial try to investigate buffer overflow problem using C programming on Linux/Fedora machine. It will focused on the stack based buffer overflow and hopefully can provide a general overflow information for other type of buffers.

If you go through this tutorial, you will notice that buffer overflow can be avoided or minimized by programmers though it is not 100 percent reliable.

Learn and Master C Programming in Weeks!

 

C & C++ Libraries, Toolkits, APIs, Components etc.

 

Use Your C/C++ Skills in The C/C++ Challenge

 

C and C++ Code Snippet Listing

 

C & Linux Device Driver (ext)

 

Java programming resources and its' open source friends

 

C & C++ CERT Secure Coding Standards

 

C and C++ Code Sample Index

 

C++ and Microsoft Foundation Class (MFC) - Advanced Topics

 

C++, Winsock, WinInet and MFC

 

::Visual C++ .NET 2003/2005 Express/Visual Studio::

 

C and Linux Programming - advanced

 

Search C & C++ Source Codes, Programs

 

 

 

 

The platform used in this tutorial is Linux/Fedora Core. For decades the unsafe C and some of the C++ standard libraries have been exploited for the buffer overflow vulnerabilities. The patches and rework done to those libraries still can't protect codes and applications reliably however there are several secure coding Standards have been published such as from cErT.org. It starts with the basic study of the microprocessor architecture and then go through the process how the C program compiled, run and loaded into memory. You must have knowledge and skill on how to use GCC, GDB and Assembly language in order to fully understand the story. Fortunately those information also available in Using GCC/G++ 1 and Using GCC/G++ 2.

 

C/C++ and Buffer Overflow Topics

 

Buffer overflow, one of the widely used exploit in the last decades that effect the internet domain in large for example through virii and worms. What is the real cause actually? In this tutorial we will investigate some of the fundamental reasons that can be found in C/C++ programs, applications and processors that can generate the buffer overflow problem. Though most of the C/C++ functions/libraries already implemented new constructs, the secure constructs, the effect still can be seen till today. You will see that programmers also must be competent and have the responsibility in building programs or applications that are secure.

  1. Introduction - Intro to how and why buffer overflow happens and exploited.

  2. Basic of x86 Architecture - The basic of Intel processor internal architecture that related to buffer overflow topics, registers and basic instruction sets operations.

  3. Assembly Language - Introduction to the assembly language, needed to program buffer overflow codes during the Shellcode building, payload crafting and shrinking the size of the C programs.

  4. Compiler, Assembler & Linker - The process of compiling, assembling and linking C/C++ codes, the step-by-step operations.

  5. C Function Operation - The details of the C/C++ function operation, stack call setup and destruction.
  6. C Stack Setup - The C/C++ stack story, exposes the exploited buffer in registers.

  7. Stack Operation - The C/C++ stack operation that exposes the exploited buffer.

  8. Stack-based Buffer Overflow - How the processor's buffer can be over flown by malicious codes.

  9. Shellcode: The Payload - Understanding and creating the shellcodes for the buffer overflow payloads, creating the malicious codes.

  10. Vulnerability & Exploit Examples - Testing the the real C codes in the real and controlled environment to show the buffer overflow in action. Escalating the local Linux Fedora Core root privilege.

  11. C, C++ and Bufferoverflow Books

 

Other Related Resources

  1. GetCheapBooks.com - Compare over 4 million prices on new and used books and textbooks

  2. C Programming books at Amazon

  3. Cheap College Textbooks: Compare Prices on New & Used Textbooks

  4. Search, Preview and Full View C/C++ Books at Google Books!

  5. Find your text books at Amazon

  6. Cheap Textbook Finder: One Click to Compare 110 Bookstores Prices!

 

Stack-based buffer overflow revisited with another experimental demonstration using Fedora 9 as a guest machine (VMware) on Windows XP Pro SP2 Host

 

 

 

 
Custom Search
 

Best viewed using IE 4.0/FireFox 1.0.0 and above but if your eyes can view the pages, that is the best resolution.

Broken link? Respond to Webmaster: [C & Buffer overflow]

Copyright 2003 - 2009 © Tenouk. All rights reserved.

 

Excellent hosting services for Tenouk: Windows/Linux VPS Plans from $11.17/month  

 

Translate, email to friends and share:

| DOWNLOAD  |  SITE INDEX  |  DISCLAIMER  |  PRIVACY | CONTACT | TELL EVERYBODY |