How does a buffer overflow attack occur?

Source: Internet
Author: User

 
I do not believe that I fully understand Buffer Overflow. I know that inserting code into the target machine will cause serious buffer management defects, but I don't know how a hacker can execute the code-probably when he or she gets control of the target machine. Can hackers ensure code is called? Or is this actually just a probability problem?

Experts replied:

A buffer overflow occurs when a program or process tries to store data that exceeds the expected value in the allocated data storage area or buffer zone. Since the created buffer can only store limited data, additional information will overflow into the adjacent buffer. When this happens, the valid data originally stored in these buffers will be damaged or overwritten. The buffer overflow of local variables in the function may overwrite the return address of the function. (The return address points to the next instruction that should be executed after the function is executed ). This may cause segment errors, while segment errors (segmentation fault) can crash the program. In some specific circumstances, after a program crashes, the hacker will receive a shell prompt (shell prompt: prompting the user to enter the command line), which gives control of the computer to the hacker. A more complex attack is that hackers use pointers to the code they want to execute to overwrite the return address, not just to crash the computer.

Stack-based buffer overflow attacks are the most common, but let's take a look at the heap-based buffer encroaching in JPEG processing (GDI +) development to see the clever features of buffer overflow attacks.

Microsoft's dynamic link library file is called GDIPlus. dll, which contains the graphic device interface and (GDI +) application programming interface (API) Library. It allows programmers to represent graphical objects and transmit them to output devices, such as monitors and printers. These DLL can process JPEG image files, but before checking the actual value, it allows the JPEG file to declare the length of the comment area ,. This may cause heap-based buffer overflow. Heap-based buffer attacks occur when data copies are written to the buffer zone in the heap. This means that the non-executable stack protection mechanism can be bypassed, resulting in the system being very vulnerable and allowing hackers to point to the code of the next process they want to run. The irony is that hackers can store the code in the comment area of JPEG files. Now, as long as attackers view the tampered images, hackers can exploit this vulnerability.

Buffer overflow attacks are so common because programming uses relatively low-level programming languages, such as assembly languages, C and C ++, which do not automatically limit the cache. Therefore, when the program checks the array or pointer, the programmer is required to manually manage the size of the allocated memory. Although hackers cannot guarantee that every overflow attack code can run successfully, given the success stories of various viruses and worms, they can still have a high success rate. To view how buffer overflow occurs, visit the Java program demonstration on the following website:

Html "> http://nsfsecurity.pr.erau.edu/bom_docs/demos/script.html. Another good website for beginners to learn about buffer overflow attacks is:

Http://www.securiteam.com/securityreviews/5op0b006uq.html.

 

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.