Introduction
Many times you heard about the “Buffer overflow vulnerability” in a specific software, may be you also download a script or program to exploit it, but now, you’ll learn what a buffer overflow is, and what happens when it occures, including the risks for the corrupted system.
The trip to this vulnerability starts from theory and terminates with a laboratory experience that showes an exploitation of this vulnerability, in action.
This document is a “proof of concept” and its purpose is to take the reader from theory to practice in this vulnerability. Of course the author is not responsible for the potential “bad use” that someone can do with it.
Because of the existence of many different computer architectures, the content of this document will regard the only Intel x86 architecture and the operating system Linux.
More in depth, the experiment will regard an exploitation of a server process, running on an OpenSuSE 10.2 OS, kernel 2.6.18, compiled with gcc version 4.1.2.
Let’s start with a bit of theory.
Leggi il resto del post »
Condividi/segnala rapidamente: