
Computer Security : Memory Controlr Overflow


Defining buffer overflow

The buffer overflow vulnerability, considered one of the most common security exploits in existence, focuses on buffers, or memory allocations, and can eventually give the attacker full control over a compromised system. It takes place when a process or programme writes, or attempts to write, more data onto a static-sized memory block than it was initially allocated.
By taking advantage of the buffer overflow, attackers aim to take complete control of the whole system by elevating their privileges to Admin rights. To attain this they identify a function pointer in memory that they then change, taking advantage of the buffer overflow, on many occasions pointing it to a location where …
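The overflow defined above, as an added C example that is not part of the original essay: a fixed-size buffer with sensitive data placed right after it, the unchecked copy that would overrun it, and a bounds-checked replacement. The `session` struct, its fields and the function names are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_SIZE 16   /* the static-sized block from the definition */

/* Constructed layout: data an attacker wants to change sits right after
 * the buffer, as a function pointer or privilege flag often does. */
struct session {
    char name[NAME_SIZE];
    int  is_admin;
};

/* Vulnerable form, shown for contrast and never called here: strcpy()
 * stops only at the source's NUL byte, so a name of NAME_SIZE or more
 * characters is written past name[] into is_admin and beyond. */
void set_name_unsafe(struct session *s, const char *input)
{
    strcpy(s->name, input);
}

/* Hardened form: measure the input against the buffer before writing.
 * Returns 0 on success, -1 if input plus terminator does not fit. */
int set_name_checked(struct session *s, const char *input)
{
    size_t len = 0;

    if (s == NULL || input == NULL)
        return -1;
    while (len < NAME_SIZE && input[len] != '\0')
        len++;                      /* never scans past NAME_SIZE bytes */
    if (len == NAME_SIZE)           /* no room left for the terminator */
        return -1;                  /* reject; the session is untouched */
    memcpy(s->name, input, len + 1);
    return 0;
}

int main(void)
{
    struct session s = { "guest", 0 };
    const char *too_long = "AAAAAAAAAAAAAAAAAAAAAAAA"; /* constructed, 24 bytes */

    printf("fits:     %d\n", set_name_checked(&s, "alice"));
    printf("too long: %d\n", set_name_checked(&s, too_long));
    printf("name=%s is_admin=%d\n", s.name, s.is_admin);
    return 0;
}
```

Rejecting the oversized input outright, rather than silently truncating it, leaves both the buffer and the adjacent field exactly as they were.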

Once the server has crashed and the exploit is identified (EIP), the attacker then knows where to inject the malicious code.
7. The malicious code, commonly referred to as the payload or shellcode, which is a sequence of machine instructions interpretable by the computer’s CPU, will then be executed.
8. Ensured the client has netcat listening on the specified ports, where our shellcode will connect back.
9. At this point the payload of choice is the reverse shell, a backdoor process that runs on the server side and, as soon as it is executed, connects back to the client, providing an interactive command interpreter and thus allowing us to execute commands on the server. In this instance the reverse shell was favoured because it can easily bypass any possible firewall filtering incoming traffic to ports that are not being used by the server.

Remediation against buffer overflow:

• Enable ARC (Automatic Reference Counting) – this is a compiler (a programme that processes statements written in a programming language, e.g. C, C++) attribute that enables it to automatically manage the memory objects.[2]
• Implement full ASLR (Address Space Layout Randomization) protection – this chooses different locations for your stack, heap, libraries, frameworks, and executable code each time you run your software.
• Implement stack-smashing protection – Commonly done when compiling and
