Buffer overflow is an anomaly where a program, while writing data to a buffer, overruns the buffer’s boundary and overwrites adjacent memory. This is a special case of violation of memory safety. Buffer overflows can be triggered by inputs that are designed to execute code, or alter the way the program operates. This may result in erratic program behavior, including memory access errors, incorrect results, a crash, or a breach of system security.
Objective
- Prepare a script to overflow buffer
- Run the script against an application
- Perform penetration testing for the application
- Enumerate a password list
Scenario
The most common vulnerability often exploited is the buffer overflow attack, where a program failure occurs either in allocating sufficient memory for an input string or in testing the length of string if it lies within its valid range. A hacker can exploit such a weakness by submitting an extra-long input to the program, designed to overflow its allocated input buffer (temporary storage area) and modify the values of nearby variables, cause the program to jump to unintended places, or even replace the program's instructions by arbitrary code.
If the buffer overflow bugs lie in a network service daemon, the attack can be carried out by directly feeding the poisonous input string to the daemon. If the bug lies in an ordinary system tool or application, with no direct access, the hacker attaches the poisonous string to a document or an email which, once opened, will launch a passive buffer overflow attack. Such attacks are equivalent to a hacker logging into the system with the same user ID and privileges as the compromised program.
Buffer overflow bugs are especially common in C programs, since that language does not provides built-in array bound checking, and uses a final null byte to mark the end of a string, instead of keeping its length in a separate field. To make things worse, C provides many library functions, such as strcat and getline, which copy strings without any bounds-checking.
As an expert ethical hacker and penetration tester, you must have a solid understanding of when and how buffer overflow occurs. You must understand stacks-based and heap-based buffer overflows, perform penetration tests for detecting buffer overflows in programs, and take precautions to prevent programs from buffer overflow attacks.
Buffer Overflow Exercises
Ethical Hacking Exercises / Buffer Overflow contains the following Exercises:
- Buffer Overflow Example
The Virtual Private Cloud for this Lab set utilizes:
Ethical Hacking Exercises are available as part of the following subscription:
The Exercises in this lab map to the Certified Ethical Hacker V10 Course. Each subscription provides 6 months of access to 107 Different Exercises. Each exercise contains a Scenario, Objectives, and individual step by step tasks to guide the user through all steps necessary to complete the exercise.
Lab exercises are included for:
- Footprinting and Reconnaissance
- Scanning Networks
- Enumeration
- Vulnerability Analysis
- System Hacking
- Malware Threats
- Sniffing
- Social Engineering
- Denial of Service
- Session Hijacking
- Evading IDS Firewalls and Honeypots
- Hacking Web Servers
- Hacking Web Applications
- SQL Injection
- Hacking Wireless Networks
- Hacking Mobile Platforms
- Cloud Computing
- Cryptography