Buffer Overflow Attack Part 1 - The Basics Tutorials
This article explains the most commonly known attack, the buffer overflow, at a very basic level.
What is Buffer Overflow?
A buffer overflow happens when a process tries to store more data in a buffer than the memory the programmer allocated for it at coding time; the overflow itself mostly happens at run time. Below is an example program with a buffer size of 10 that will explain buffer overflow in more detail. We need to understand the program given below.
Buffer Flow Happens due to Lack of Boundary Checks
char name[10];                       /* fixed buffer of 10 bytes */
printf("Enter Your Name");
gets(name);                          /* no boundary check on the input */
printf("Your Name is %s\n", name);
Normal Conditions: when we run this program it will ask us to "Enter Your Name". We type our name, "Mohit", which looks fine up to this point, and the program prints "Your Name is Mohit", which is also completely fine.
Buffer Overflow Conditions: when we run this program again it will ask us to "Enter Your Name", and this time we type "Mohit Kumar Yadav". Look at it carefully: last time it executed successfully, but this time it will give an overflow error and the program will terminate unexpectedly. This is because the program can only store a buffer of 10 characters, but we gave it "Mohit Kumar Yadav", which is 17 characters. This is called a buffer overflow. It happened because functions like strcpy(), strcat(), sprintf(), vsprintf(), scanf() and getchar() do not perform any kind of boundary check.
Now, what is a boundary check? By boundary check we mean that, while accepting the data, the function does not check how much data the variable can store. It will try to store as much data as you type, and when you finish typing and press enter it tries to push the complete data into the variable, i.e. "name". But here "name" has a fixed buffer size of 10 and cannot store more than 10 bytes, so the program terminates. The program terminates because the extra data overwrites the adjacent memory, which normally contains other data such as program variable values and program execution flow, so the program terminates with a "Segmentation error".
A buffer overflow is a clear result of improper or inefficient programming. Sometimes programming languages also have limitations that allow these situations to arise: in the program above, the gets() function, which is a C library function, does not perform any kind of boundary check.
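The program above, completed so it compiles, beside a hardened version that keeps the same 10-byte buffer but checks the boundary before writing. This is an added example and not code from the original article; the function names and the truncation-reporting helper are my own.

```c
#include <stdio.h>
#include <string.h>

#define NAME_SIZE 10   /* the 10-byte name buffer from the article */

#ifdef SHOW_VULNERABLE
/* The article's pattern: gets() has no idea how big name[] is, so the
 * 17-character input spills past the buffer onto adjacent stack memory.
 * gets() was removed from C11; this stays only for comparison. */
static void ask_name_unsafe(void) {
    char name[NAME_SIZE];
    printf("Enter Your Name");
    gets(name);                       /* no boundary check */
    printf("Your Name is %s\n", name);
}
#endif

/* Hardened copy: store at most dst_size-1 bytes and always NUL-terminate.
 * Returns 1 when the input had to be truncated, 0 otherwise, so the
 * caller can report the condition instead of corrupting the stack. */
int copy_bounded(char *dst, size_t dst_size, const char *src) {
    size_t len = strlen(src);
    int truncated = len >= dst_size;
    size_t n = truncated ? dst_size - 1 : len;
    memcpy(dst, src, n);
    dst[n] = '\0';
    return truncated;
}

/* Hardened version of the article's program: fgets() receives the buffer
 * size, so characters that do not fit stay in stdin rather than being
 * written over the return address. */
static void ask_name_safe(void) {
    char name[NAME_SIZE];
    printf("Enter Your Name");
    if (fgets(name, sizeof name, stdin) == NULL)
        return;
    name[strcspn(name, "\n")] = '\0';  /* drop the newline if it fit */
    printf("Your Name is %s\n", name);
}

int main(void) {
    char name[NAME_SIZE];
    /* Constructed input: the 17-character name used in the article. */
    if (copy_bounded(name, sizeof name, "Mohit Kumar Yadav"))
        printf("Truncated to \"%s\": %zu of 17 characters kept\n",
               name, strlen(name));
    ask_name_safe();
    return 0;
}
```

Compile with -DSHOW_VULNERABLE only on a toolchain that still ships gets() if you want to watch the unsafe version fail; the default build contains only the bounded code.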
We need to understand the stack. The stack is used to allocate the local variables of functions dynamically, to pass parameters to functions at run time, and to hold any return values coming from functions. The stack works on the basic concept of LIFO, Last In First Out, which means that the element that goes in last comes out first.
Let's talk more about stack implementations.
In buffer overflow conditions the stack will look like the layout given below.
Buffer Overflow Condition: when we enter "Mohit Kumar Yadav", the stack will look like this:
Buffer Space (10 bytes) -------- Mohit Kuma
Return address ----------------- r Yadav (the return address has been overwritten with the extra data we entered; because of this the program corrupts and terminates unexpectedly)
Hackers overwrite the return address of the program so that it points to their shellcode.