SystemsSec 2016W Lecture 13 - Revision history

Hassansaid: /* Classic Buffer Overflow Attack */

2016-03-08T01:20:30Z

Classic Buffer Overflow Attack

← Older revision		Revision as of 01:20, 8 March 2016
Line 23:		Line 23:
	[[File:ClassicBufferOverflow.png]]<br/>		[[File:ClassicBufferOverflow.png]]<br/>
	'''Figure 2:'''<br/>		'''Figure 2:'''<br/>
	'''Code Pointer:''' Not typically writing to pointer. You are writing to region ~~you~~ where pointer is.		'''Code Pointer:''' Not typically writing to pointer. You are writing to region of memory where the pointer is. <br/>
	'''Bad Code:''' The bad code attacker injects is "shell code" <br/>		'''Bad Code:''' The bad code attacker injects is "shell code" <br/>

Hassansaid: /* Memory Corruption Attack */

2016-03-08T01:13:27Z

Memory Corruption Attack

← Older revision		Revision as of 01:13, 8 March 2016
Line 16:		Line 16:
	'''Figure 1:''' System structure with certain portions of memory re severed for those types<br/>		'''Figure 1:''' System structure with certain portions of memory re severed for those types<br/>

	In a buffer overflow attack you can essentially over write some other portion of memory. For example an attacker may put to much information into the memory portion reserved for string such that it overflows into the memory space reserved for array. Safe languages such as Java are not susceptible to memory corruption attacks unless there is some bug in the compiler.		In a buffer overflow attack you can essentially over write some other portion of memory. For example an attacker may put too much information into the memory portion reserved for string such that it overflows into the memory space reserved for array. Safe languages such as Java are not susceptible to memory corruption attacks unless there is some bug in the compiler.

	A common way to know that your code is vulnerable to a buffer overflow/memory corruption attack is if you get a segmentation fault.		A common way to know that your code is vulnerable to a buffer overflow/memory corruption attack is if you get a segmentation fault.

Hassansaid at 00:31, 3 March 2016

2016-03-03T00:31:54Z

@@ Line 14: / Line 14: @@
 ==== Memory Corruption Attack ====
 [[File:systemMemory.png]]<br/>
-Figure 1: System structure with certain portions of memory re severed for those types
+'''Figure 1:''' System structure with certain portions of memory re severed for those types<br/>
 In a buffer overflow attack you can essentially over write some other portion of memory. For example an attacker may put to much information into the memory portion reserved for string such that it overflows into the memory space reserved for array. Safe languages such as Java are not susceptible to memory corruption attacks unless there is some bug in the compiler.
@@ Line 21: / Line 21: @@
 ==== Classic Buffer Overflow Attack ====
-The bad code comes from user input (network, keyboard, disk), in the program itself (just run in different way), environment variable.
+[[File:ClassicBufferOverflow.png]]<br/>

Hassansaid at 23:59, 2 March 2016

2016-03-02T23:59:23Z

← Older revision		Revision as of 23:59, 2 March 2016
Line 1:		Line 1:
	Class Notes
	Unsafe Language		== Topics & Readings ==
			* Reading: Aleph One (aka Elias Levy), [http://www.phrack.com/issues/49/14.html#article Smashing The Stack For Fun And Profit] (Phrack 49, 1996)
			* Buffer Overflow Attack
			* Memory Corruption Attack

			== Class Notes ==

			==== Unsafe Language ====
	Defined as languages, such as C, that are susceptible to buffer overflow attacks. Safe languages are not susceptible because they have really strong compilers.		Defined as languages, such as C, that are susceptible to buffer overflow attacks. Safe languages are not susceptible because they have really strong compilers.

	Secure systems are not susceptible to overflow attacks because the reference monitor is small enough to verify and remove any bugs. The reference monitor is also resilient due to the fact that it is outside the domain of process execution.		Secure systems are not susceptible to overflow attacks because the reference monitor is small enough to verify and remove any bugs. The reference monitor is also resilient due to the fact that it is outside the domain of process execution.

	Memory Corruption Attack		==== Memory Corruption Attack ====
			[[File:systemMemory.png]]<br/>
	Figure 1: System structure with certain portions of memory re severed for those types		Figure 1: System structure with certain portions of memory re severed for those types

Line 12:		Line 20:
	A common way to know that your code is vulnerable to a buffer overflow/memory corruption attack is if you get a segmentation fault.		A common way to know that your code is vulnerable to a buffer overflow/memory corruption attack is if you get a segmentation fault.

	Classic Buffer Overflow Attack		==== Classic Buffer Overflow Attack ====
			The bad code comes from user input (network, keyboard, disk), in the program itself (just run in different way), environment variable.

Hassansaid at 23:48, 2 March 2016

2016-03-02T23:48:02Z

← Older revision		Revision as of 23:48, 2 March 2016
Line 6:		Line 6:

	Memory Corruption Attack		Memory Corruption Attack
	~~[[File~~:~~C:/Users/hsaid1/Desktop~~/~~systemMemory~~.~~png]]~~		Figure 1: System structure with certain portions of memory re severed for those types

			In a buffer overflow attack you can essentially over write some other portion of memory. For example an attacker may put to much information into the memory portion reserved for string such that it overflows into the memory space reserved for array. Safe languages such as Java are not susceptible to memory corruption attacks unless there is some bug in the compiler.

			A common way to know that your code is vulnerable to a buffer overflow/memory corruption attack is if you get a segmentation fault.

			Classic Buffer Overflow Attack

Hassansaid: Created page with "Class Notes Unsafe Language Defined as languages, such as C, that are susceptible to buffer overflow attacks. Safe languages are not susceptible because they have really stron..."

2016-03-02T23:27:42Z

Created page with "Class Notes Unsafe Language Defined as languages, such as C, that are susceptible to buffer overflow attacks. Safe languages are not susceptible because they have really stron..."

New page

Class Notes
Unsafe Language
Defined as languages, such as C, that are susceptible to buffer overflow attacks. Safe languages are not susceptible because they have really strong compilers.

Secure systems are not susceptible to overflow attacks because the reference monitor is small enough to verify and remove any bugs. The reference monitor is also resilient due to the fact that it is outside the domain of process execution.

Memory Corruption Attack
[[File:C:/Users/hsaid1/Desktop/systemMemory.png]]