Tagged Questions
1
vote
2 answers
150 views
Overflowing a stack in theory.. and assembly
Assuming an x86 system with no ASLR, I'd like to ask the following:
1) Theory says that when we execute a stack overflow attack, the value pointed to by the ebp register is overwritten with the new ...
1
vote
1 answer
82 views
Does each process have its own portion of utopia in the memory?
By doing some cat /proc/*some PID*/maps on multiple processes on a machine, I notice they all have the same starting point in regards to memory address, being 0x8048000. Does this mean that every ...
10
votes
3 answers
303 views
Smashing the stack example3.c confusion
Article can be found here.
I'm reading up on smashing the stack and have found myself to be getting stuck on example3.c.
0x80004a3 <main+19>: call 0x8000470 <function>
0x80004a8 ...
3
votes
2 answers
354 views
What is the difference between STATUS_STACK_BUFFER_OVERRUN and STATUS_STACK_OVERFLOW?
I just found out that there is a STATUS_STACK_BUFFER_OVERRUN and a STATUS_STACK_OVERFLOW. What's the difference between those 2? I just found Stack overflow (stack exhaustion) not the same as stack ...
0
votes
1 answer
104 views
Are the old days of code injection over? [closed]
I was wondering since all updated operating systems guard against stack and heap type overflows via ASLR, Canary Checks, and other such methods, are memory corruption exploits still prevalent? Given ...
0
votes
1 answer
366 views
Rewriting EBP stack return value
Hi, I'm trying to write an overflow exploit for a simple program that I've built. Below is the C program that I've written.
#include <unistd.h>
#include <string.h>
#include ...
2
votes
3 answers
1k views
Execution of function pointer to Shellcode
I'm trying to execute this simple opcode for exit(0) call by overwriting the return address of main.
The problem is I'm getting segmentation fault.
#include <stdio.h>
char shellcode[]= ...
0
votes
2 answers
223 views
Is buffer-overflow considered a “solved problem”? (at least for future systems)
I am looking at various buffer/heap/stack protection technologies such as PAX, DEP, NX, CANARIES, etc
And a new one SMEP - ...
7
votes
1 answer
2k views
return to libc - problem
I'm having problems with return-to-libc exploit. The problem is that nothing happens, but no segmentation fault (and yes I'm actually overflowing the stack).
This is my program:
int main(int argc, ...
1
vote
3 answers
236 views
Buffer Overflow-Not getting the Correct output
The shellcode prints the hostname (bin/hostname), but when I execute the code it shows me the path in reverse order and does not print the HOSTNAME.
I am actually doing the buffer overflow.
I ...
0
votes
4 answers
131 views
problem with ansi c unexpected behaviour? [closed]
I am suffering from an unexpected behavior; here is the problem definition:
I have applications communicating on a LAN via UDP protocol. I am reading the IP address and port number from a text file. ...
1
vote
4 answers
347 views
about buffer overflow
I am new to the ethical hacking world, and one of the most important things is the stack overflow, anyway I coded a vulnerable C program which has a char name [400] statement, and when I try to run ...
3
votes
3 answers
2k views
Illustration of buffer overflows for students (linux, C)
My friend is a teacher of first-year CS students. We want to show them buffer overflow exploitation. But modern distributions are protected from simple buffer overflows:
HOME=`perl -e "print 'A'x269"` ...
15
votes
3 answers
329 views
Special PHP Errors
How can PHP cause memory leaks, buffer overflows, stack overflows and any other errors of such kind? Can PHP even cause such errors?
3
votes
3 answers
518 views
Setting up Environment for Buffer Overflow Learning
I am currently reading several security books (my passion) regarding secure programming; however, the distros they provide on disc are either faulty or non-existent.
Books: Hacking The art of ...
24
votes
8 answers
5k views
What is the difference between a stack overflow and buffer overflow?
What is the difference between stack overflow and buffer overflow in programming?
4
votes
3 answers
2k views
Is there any way to bypass SSP (StackSmashing Protection)/Propolice?
After some research I haven't found any paper describing a method to do this (not even an unreliable one). It seems that SSP (StackSmashing Protection)/Propolice
5
votes
2 answers
4k views
stack execution protection and randomization on ubuntu
As part of a course assignment I need to write an exploit code to cause a buffer overflow and execute code that is present on stack.
I have turned off the stack randomization by the following command:
...
7
votes
3 answers
4k views
Stack Overflow Exploit in C
Hey there guys, the question is actually about stack overflows in C.
I have an assignment that I cannot get done for the life of me, I've looked at everything in gdb and I just can't figure it.
...