nullcon 2011 - buffer underrun exploits
DESCRIPTION
Buffer UnderRun Exploits by Chinmaya Kamal & Saurabh SharmaTRANSCRIPT
By Saurabh Sharma & Chinmaya Kamal(SETLabs, Infosys)
http://null.co.in/ http://nullcon.net/Saurabh & Chinmaya
● Buffer overflow attacks
● Cookie prevention
● Buffer Under Run Attacks
Saurabh & Chinmaya
•In some languages like C, boundchecking mechanisms are notimplemented. When the input data whichis used to fill the buffer is greater thanthe size of the allocated buffer, othervalues in the stack get overwritten. If theattacker designs this input carefully, hecan overwrite the return address with theaddress of his will. This address maypoint to some custom code, can be amalicious shell code. These attacks areknown as buffer overflow attacks.
•Buffer overflow attacks are caused when the buffers such as arraysare filled without the proper bound checking.
Saurabh & Chinmaya
Saurabh & Chinmaya
Saurabh & Chinmaya
Saurabh & Chinmaya
Saurabh & Chinmaya
Saurabh & Chinmaya
Saurabh & Chinmaya
•PHP5 Space Trimming Buffer Under Flow (Header(), MacOSX)
Saurabh & Chinmaya
Thank You
Saurabh & Chinmaya