Buffer Overflow Masterclass

For starter, Buffer Overflow only occurs when the program has attempted to write more data into the fixed block of memory. The attacker will send crafted data to the memory and executed the arbitrary code where the possibility of taking over the machine is high.

The sample of the vulnerable code can be seen below:

include <studio.h>
{
void function(char name)
char buf[90]
printf("Buffer Overflow test")
}

int main
{
echo();
}

Inside an Operating System, the execute code will look like following where it will be stored in a very specific way.

  • A kernel is on the top memory where it will have command-line arguments and environment variable that been passed to the program via parameters.
  • On the bottom of the memory, it contains actual code for the system that read from the program file by executing the code. This is also called a text
  • The variables for uninitialized and initialized that been stored are been called as data.
  • Allocation of big data such as image and large files will be stored in a heap which located above of the data memory.
  • When a new function is been called, the data will move at the end of the stack.
Source: Youtube

Author: Wan Ariff

He brings with him more than 2 years of working experience in Information Security filed which specializing in Penetration Testing and Digital Forensic. His passion is more to IT Security

Leave a Reply

Your email address will not be published. Required fields are marked *