BufferOverflow

BufferOverflow - How Does Buffer Overflow Attack Work S C Kothari CPRE 556 Electrical and Computer Engineering Dept Iowa State University Security

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
1 How Does Buffer Overflow Attack Work S. C. Kothari CPRE 556 Electrical and Computer Engineering Dept. Iowa State University Lecture Notes - Copyright © 2009 S. C. Kothari. Al rights reserved. 2 Security: When is it software problem • We can distinguish security problems by the mechanisms requiring changes to eliminate the vulnerability. • Network Problem: requires changing networking mechanisms such as network protocols. • OS Problem: requires changing OS mechanisms such OS resource management policies. • Software Problem: requires changing software implementation or design Lecture Notes - Copyright © 2009 S. C. Kothari. Al rights reserved. 3 Security Bugs Can Be Expensive • Buffer overflow in IIS – Estimated cost: $3.26 billion • Buffer overflow in SQL Server – Estimated cost: $1.2 billion Lecture Notes - Copyright © 2009 S. C. Kothari. Al rights reserved. 4 What Entrances Do the Hackers Use • Hackers exploit interactions with: – Operating System – User Interfaces – File System – Libraries Lecture Notes - Copyright © 2009 S. C. Kothari. Al rights reserved. 5 Buffer Overflow Attack (BOA) • Deadly attack underlying many computer highjackings in the past. • Dominate the area of remote network penetration vulnerabilities, where an anonymous Internet user seeks to gain partial or total control of a host. • Present the attacker the ability to inject and execute attack code. • Typically attack a root program and executes code similar to “exec(sh)” to get a root shell. • The attack is possible with C and C++ programs, not with Java. Lecture Notes - Copyright © 2009 S. C. Kothari. Al rights reserved. 6 BOA Basic Idea • The idea is simple: enter long strings into input fields, could be APIs/exposed internal objects • This is an important bug because: – copy/paste into inputs fields is a fairly common practice • Buffer overflow may be exploitable by a hacker to get arbitrary code to run on a system.
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 11/04/2009 for the course CPR E 416 taught by Professor Kothari during the Spring '09 term at Iowa State.

Page1 / 3

BufferOverflow - How Does Buffer Overflow Attack Work S C Kothari CPRE 556 Electrical and Computer Engineering Dept Iowa State University Security

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online