Buffer OverFlow Exploit

12/1/2016 Buffer Overflow Exploit, Suresh Krishna

Transcript of Buffer OverFlow Exploit

Page 1: Buffer OverFlow Exploit


Buffer Overflow Exploit

Suresh Krishna

Page 2: Buffer OverFlow Exploit


Table of Contents

1. What is Buffer Overflow?

2. Simple Program.

3. Worm of 1988.

4. Safer side.

Page 3: Buffer OverFlow Exploit


What is Buffer Overflow?

A buffer overflow is a situation where a program overruns a buffer's boundary and overwrites adjacent memory locations.

By sending in data designed to cause a buffer overflow, it is possible to write into areas known to hold executable code and replace it with malicious code.

It can be caused by using gets(), which does not check the size of the destination buffer.

Page 4: Buffer OverFlow Exploit


Pictorial View

Page 5: Buffer OverFlow Exploit


Simple Program

#include <stdio.h>
#include <string.h>

/* Not called anywhere in the program's normal control flow. */
void secretfunction(void)
{
    puts("You have been Hacked!!");
}

void pass(void)
{
    char pass[10] = "zilogic";
    char buff[20];
    int flag = 0;

    /* Deliberately unsafe: gets() does not check the size of buff. */
    gets(buff);

    if (!strcmp(buff, pass))
        flag = 1;
    if (flag)
        puts("Password Correct\nAuthorization Granted!!");
    else
        puts("Password Wrong");
}

int main(void)
{
    printf("Enter Password\n");
    pass();

    return 0;
}

Page 6: Buffer OverFlow Exploit


Worm of 1988

The worm is named after its creator and releaser, Robert Tappan Morris.

The worm made use of the buffer overflow vulnerability in the finger program.

It took down nearly 10% of the Internet of that time.

Page 7: Buffer OverFlow Exploit


Alternatives

1. fgets()

2. getline()
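
The password check from the Simple Program slide with gets() replaced by fgets(), the first alternative listed above. This is an added example, not part of the original slides; check_password(), check_from_string() and the "Input rejected" message are names chosen here, and the sample inputs fed through check_from_string() are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Returns 1 if the line read from `in` matches the password, 0 if it does
 * not, and -1 on EOF/read error or when the line is too long for buff. */
int check_password(FILE *in)
{
    const char pass[] = "zilogic";   /* same password as the slide's program */
    char buff[20];
    int c, extra = 0;

    /* fgets() stores at most sizeof buff - 1 characters plus the '\0'. */
    if (fgets(buff, sizeof buff, in) == NULL)
        return -1;

    size_t len = strcspn(buff, "\n");
    if (buff[len] != '\n') {
        /* No newline stored: consume the rest of the line so it is not
         * read as the next input, and reject if anything was left over. */
        while ((c = getc(in)) != '\n' && c != EOF)
            extra = 1;
        if (extra)
            return -1;
    }
    buff[len] = '\0';                /* strip the newline fgets() keeps */
    return strcmp(buff, pass) == 0;
}

/* Helper (hypothetical): runs the check on a constructed input string. */
int check_from_string(const char *input)
{
    FILE *f = tmpfile();
    if (f == NULL) return -2;
    fputs(input, f);
    rewind(f);
    int result = check_password(f);
    fclose(f);
    return result;
}

int main(void)
{
    printf("Enter Password\n");
    int r = check_password(stdin);
    puts(r == 1 ? "Password Correct\nAuthorization Granted!!"
                : r == 0 ? "Password Wrong" : "Input rejected");
    return 0;
}
```

Rejecting an over-long line instead of comparing its first 19 characters keeps a truncated input from ever being treated as a valid password attempt.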

Page 8: Buffer OverFlow Exploit


Thank You!