A Simple Buffer Overflow Demonstration — Part 1
Hello Security folks, In today’s article, We will be talking on Buffer Overflow Attacks. As the topic is vast, we will be diversifying the topic in parts and will discuss on it as we go in-depth.
What is Buffer?
A buffer is an allocated section of memory which can hold anything from a string of characters to an array of integers. Those memory allocations are volatile and they temporarily hold the data while transferring data from one location to another.
How does Buffer Overflow occurs?
A buffer overflow occurs when the data being processed exceeds the storing capacity of the buffer. This results in the program overwriting the data in the adjacent memory locations which lead to overflow of the buffer.
We will try to understand this concept with an example.
A buffer is designed in a way that it would accept 8 bytes of data. Now, if the data inputted by the user is more than 8 bytes then the data which is over 8 bytes would overwrite the adjacent memory exceeding the allocated buffer space. In time, this would create segmentation faults followed by many other errors resulting in termination of program execution.
As we can see in the above pic, the memory allocated was 8 bytes while the data inputted by the user was 10 bytes which surpassed the buffer limit, and those extra 2 bytes of data (1 & 2) was overwritten to the adjacent memory locations.
Now that we have a general understanding of Buffer Overflow, We will have a look on the types of Buffer Overflow.
Types of Buffer Overflow
Note: You need to have a little bit of understanding of computer programming , Although we will be covering the topics like CPU Registers and working of stack in next article.
Stack-based Buffer Overflow
It occurs when a program overwrites to a memory address on the program’s call stack outside of the buffer boundary which has a fixed length. In stack buffer overflow, the extra data is written in adjacent buffers located on the stack. This results in the crashing of the application because of errors related to memory corruption caused in the overflown adjacent memory locations on the stack.
No big deal if you don't understand the following statement as we are going to cover it in further articles.
Heap Buffer Overflow
The heap overflow occurs when a piece of memory is assigned to the heap and the data is written to that memory without the data being checked. This may result in some critical data structures in the heap, such as heap headers, or any heap-based data, such as dynamic object pointers, which can overwrite the virtual function table.
In next article, We will try to understand how stack works and occurrence of Stack-based Buffer Overflow. Our final goal for this is to get familiar with how Buffer Overflows are used in order to get Reverse-Shell from the victim. So, that is it for this article, I hope you enjoyed it and learnt new things, I will be releasing further parts of the topic soon till then SAYONARA!!
LinkedIn : www.linkedin.com/in/tejas-kand