How Buffer Overflows Are Used To Exploit Computers?

How Buffer Overflows Are Used To Exploit Computers?

Buffer Overflow

Buffer overflow attacks represent the vast majority of all attacks against information systems as buffer overflow vulnerabilities are common and relatively easy to exploit. Buffer overflow vulnerabilities are the main cause of intrusions in computer systems because they provide the attacker the ability to execute malicious code.

Buffer is a closest blocks of memory which resides in the PC memory, which stores application data. In C is called a buffer array, they can be called dynamic or static: static variables are allocated at load time on the data segment; the dynamics are allocated at load time on the system stack. The overflow, as you can guess from the term itself, is to fill a buffer over the edge. For the creation of a buffer overflow exploits are exploited dynamic arrays. The inserted code is executed by the system with the privileges of the program washing and allows the attacker to control the victim host other services he is interested in check.

Figure: 1 Buffer Overflow

The reason for the buffer overflow attack is to take control of the executed program and, in the case that the software has sufficient privileges, to take control of the host even the same. And 'in fact, that the attacker chooses a custom application that “runs” as root in order to get a root shell directly attached to the system, this is also one of the reasons why software such as, for example, send mail (which runs with root privileges) were among the most commonly used buffer overflow attacks. Fortunately this is not always possible because in order to get a root shell that attack the system must prepare the code to use and to run in the address space of the program, allowing the application to jump to that section of code with parameters exact, loaded into registers and memory.

Buffer Overflows Exploit Computers

The exploitation of buffer overflow is the most common attack methods by which criminals attempt to accommodate malware on PCs. Buffer overflows are the general form of a larger set of vulnerabilities that are called depending on the specific vulnerability as a heap overflow, stack overflow, integer overflow, or string overflow.

The crash is annoying, but not in itself dangerous. The danger for the PC only arises when using manipulated data, such as a Word document, a PDF or SWF file, additional program code starts.

To understand how this works, you have to view the memory management more closely. When a program is started, it tells the operating system to a specific memory area. In a part of it is the actual program code. It is protected and cannot be changed. Above it is the heap in which the system stores global variables and constants. Can record then follow the stack, the local variables and the contents of processor registers. In the stack are also the return addresses of subroutines, so of branches in the main ...