Buffer Overflow: Name: Majed Imad Course: Operating Systems Date: 17/12/2019

Buffer overflows occur when more data is written to a buffer than it can store, overwriting previous data and potentially causing crashes or unpredictable behavior. Some programming languages like C and C++ are more susceptible to buffer overflow issues due to improper input validation. There are two primary types of buffer overflows: stack overflows and heap overflows. Developers can help prevent buffer overflows by checking input length before using unsafe functions, avoiding dangerous functions, and employing protections like non-executable memory and address space layout randomization. Exploits may overwrite the program counter to execute malicious code or redirect execution to system calls to create a shell.

BUFFER OVERFLOW

Name: Majed Imad

Course: Operating Systems


Date: 17/12/2019

Definition

• From the word “overflow” we can deduce that a buffer overflow is a buffer that has been filled beyond what it can hold.
• A buffer overflow occurs when more data is written to a buffer than it can hold, overwriting adjacent data and causing unpredictable results or crashes.
• Buffer overflows happen when there is improper input validation.

Memory Layout Of A Process

Vulnerability

• Some programming languages are more susceptible to buffer overflow issues, such as C and C++.
• Buffer overflow vulnerabilities are difficult to find and exploit.
• The malicious extra data may contain code designed to trigger specific actions.
• There are two primary types of buffer overflow vulnerabilities: stack overflow and heap overflow.

How does it work?

[Figure: diagram labelled "NOP-sled" showing two layouts, "Shellcode | Anything | Ptr" and "NOP | Shellcode | Ptr"]


How To Prevent a Buffer Overflow?

• The developer must check the input length before calling any function that might cause an overflow.
• Avoid unsafe functions that can lead to a buffer overflow vulnerability: printf, sprintf, strcat, strcpy, and gets.
• Protect against buffer overflows by using a compiler extension that uses canaries.
• OS-level changes:
- NX (non-executable memory)
- ASLR (address space layout randomization)
- Stack smashing protections (Stack-Guard)
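The first two prevention points above, as an added example in C (not code from the original slides): a copy that checks the input length before writing, shown next to the strcpy pattern it replaces, and a checked snprintf in place of sprintf. The function names, the 16-byte buffer and the sample inputs are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_BUF_SIZE 16  /* constructed size for this example */

/* BEFORE: strcpy() copies up to the source's NUL and never looks at the
 * destination size, so input of NAME_BUF_SIZE bytes or more writes past
 * dst. Kept for contrast; main() never calls it. */
void set_name_unsafe(char *dst, const char *input)
{
    strcpy(dst, input);
}

/* AFTER: measure the input first and reject it if it does not fit,
 * terminator included. Returns 0 on success, -1 on rejection. */
int set_name_checked(char *dst, size_t dst_size, const char *input)
{
    size_t len = 0;
    if (dst == NULL || input == NULL || dst_size == 0)
        return -1;
    while (len < dst_size && input[len] != '\0')  /* bounded scan */
        len++;
    if (len == dst_size)          /* no room left for the NUL byte */
        return -1;
    memcpy(dst, input, len + 1);  /* len + 1 <= dst_size */
    return 0;
}

/* Bounded replacement for sprintf(): snprintf() cannot overflow dst, but
 * truncates silently unless checked. Returns length written, or -1. */
int format_greeting(char *dst, size_t dst_size, const char *name)
{
    int n = snprintf(dst, dst_size, "hello, %s", name);
    return (n < 0 || (size_t)n >= dst_size) ? -1 : n;
}

int main(void)
{
    /* constructed inputs: 5, 15 and 16 characters */
    const char *inputs[] = { "alice", "123456789012345", "1234567890123456" };
    char name[NAME_BUF_SIZE], line[NAME_BUF_SIZE];
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        int rc = set_name_checked(name, sizeof name, inputs[i]);
        printf("%-16s -> %s\n", inputs[i], rc == 0 ? "copied" : "rejected");
        if (rc == 0 && format_greeting(line, sizeof line, name) < 0)
            printf("  greeting for %s would not fit\n", name);
    }
    return 0;
}
```

Rejecting oversized input, rather than truncating it, keeps the failure visible to the caller; the canary, NX and ASLR protections listed above remain a second layer for code paths that miss such a check.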
Exploitation of protection methods:

• Overwrite the PC
• Point the PC at something that can create a shell (“/bin/bash”)
• Point the PC to libc
- The System() call can help us create a shell

Exploitation of protection methods: Return to libc

[Figure: stack layout for return to libc. Labels: Buffer[80] (80 bytes), EBP, return, followed by 4-byte fields; NOP, Ptr1, Ptr2, Ptr3; System(), Exit(), /bin/bash; RET, Arg 1]

Thank You
