Overflows: Smashing the Stack for Fun and Profit
This week we are moving away from web based vulnerabilities and jumping onto the server.
We will be focusing on buffer overflows, which are an interesting branch of security analysis. While you are unlikely to have to exploit this kind of vulnerability yourself, it is still useful to understand how they occur, and it also gives you the chance to brush up on your operating systems theory.
A buffer overflow is a type of attack that lets us inject code into a running binary, modifying its behaviour.
While protection mechanisms mean that finding overflows "in the wild" is becoming rarer, high-profile exploits based on this attack are still being discovered, such as the issue with Windows Defender discovered by the NCSC[1].
We will start by looking at the mechanics of a buffer overflow, and why they occur. We will then look at using a simple overflow to modify the behaviour of a program. We will then look at more advanced overflows, and examine some ways of defeating protection mechanisms.
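As an added example (not code from the original lecture page), the following C listing shows the root cause in the smallest possible form: a fixed-size stack buffer and a copy routine that never consults the buffer's capacity, placed beside a bounded copy that refuses input which would not fit. The `BUF_SIZE`, `unchecked_copy`, `checked_copy` and `overflow_bytes` names and the sample inputs are all constructed for this illustration; `unchecked_copy` is kept only for comparison and is never called with oversized input, because writing past the array is undefined behaviour.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16   /* constructed: capacity of the stack buffer in this example */

/* Vulnerable pattern: strcpy copies until it finds the source's NUL byte and
 * never looks at the size of dst. A source longer than BUF_SIZE - 1 characters
 * writes past the end of the array into whatever the compiler placed next on
 * the stack (other locals, saved registers, the return address). Kept here
 * only for comparison; it is not exercised with oversized input. */
void unchecked_copy(char dst[BUF_SIZE], const char *src)
{
    strcpy(dst, src);
}

/* Hardened version: the caller passes the destination capacity, the copy is
 * refused (not silently truncated) when the source does not fit, and dst is
 * always left NUL-terminated. Returns 0 on success, -1 if src was too long. */
int checked_copy(char *dst, size_t dst_size, const char *src)
{
    size_t needed = strlen(src) + 1;   /* bytes required, including the terminator */
    if (dst_size == 0)
        return -1;
    if (needed > dst_size) {
        dst[0] = '\0';                 /* leave dst in a defined state */
        return -1;
    }
    memcpy(dst, src, needed);
    return 0;
}

/* Number of bytes an input would spill past a buffer of the given size
 * (0 means it fits). Handy when reasoning about an input-validation bug. */
size_t overflow_bytes(size_t dst_size, const char *src)
{
    size_t needed = strlen(src) + 1;
    return needed > dst_size ? needed - dst_size : 0;
}

int main(void)
{
    char buf[BUF_SIZE];
    const char *short_input = "hello";                               /* constructed sample */
    const char *long_input  = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";    /* 32 bytes, constructed */

    if (checked_copy(buf, sizeof buf, short_input) == 0)
        printf("copied: %s\n", buf);

    if (checked_copy(buf, sizeof buf, long_input) != 0)
        printf("rejected %zu-byte input; it would overflow the buffer by %zu bytes\n",
               strlen(long_input), overflow_bytes(sizeof buf, long_input));
    return 0;
}
```

The point to take from the comparison is that the destination size has to travel with the pointer: once a function only receives `char *dst`, nothing inside it can know how much room there is, which is exactly the situation `strcpy` and `gets` put you in.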
Note
You don't need this for the coursework, and it's not really essential to understand them in depth, so don't stress too much over the tasks. But it's a really interesting and satisfying attack, so I think it's worthwhile.
However, it's important to have an understanding that these things exist, and of the kind of things an attacker can do with them. You don't want to be the person responsible for writing the insecure code.