What are Buffer Overflows

The central theme of this blog site is to discuss the technical aspects of prevalent attacks. The blog is titled Buffer Overflow, which raises two questions: what is a buffer overflow, and how is it relevant to cybersecurity?

To understand what a buffer overflow is, it is first necessary to define what a buffer is. A buffer is temporary storage that follows a queue (first in, first out) implementation. Buffer memory sizes are fixed, and it is this feature that allows buffer overflows to occur.

Buffer overflows occur when a program (which could be malicious in nature) overruns a buffer's boundary. In the case of a stack buffer overflow, if the return address of the buffer is overwritten, it will cause a segmentation fault. This may cause a program to point back to an unintended area of the buffer.
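The boundary overrun described above, as an added example that is not from the original post: an unchecked copy into a fixed-size buffer beside a length-checked one. The buffer size `NAME_CAP`, the function names and the guard-byte struct are assumptions made for illustration, and the sample inputs are constructed.

```c
#include <stdio.h>
#include <string.h>

#define NAME_CAP 16 /* fixed buffer size, chosen for this example */

/* Buffer with guard bytes on both sides so the demo can check that
 * nothing outside buf was touched. */
struct guarded {
    unsigned char before[8];
    char buf[NAME_CAP];
    unsigned char after[8];
};

/* Unsafe pattern, for contrast only: strcpy() copies until the NUL
 * terminator and never looks at the size of dst, so a src longer than
 * NAME_CAP - 1 bytes overruns the buffer's boundary. */
void copy_unchecked(char *dst, const char *src) { strcpy(dst, src); }

/* Hardened form: measure src with a bounded scan and refuse input that
 * does not fit. Returns 0 on success, -1 if src is too long. */
int copy_checked(char *dst, size_t cap, const char *src) {
    size_t n = 0;
    while (n < cap && src[n] != '\0') n++;
    if (n >= cap) {
        if (cap > 0) dst[0] = '\0'; /* leave dst in a defined state */
        return -1;
    }
    memcpy(dst, src, n + 1); /* n + 1 includes the terminator */
    return 0;
}

/* Copies src into a guarded buffer; returns 1 if both guards are intact. */
int guards_intact_after_copy(const char *src, int *rc) {
    struct guarded g;
    memset(g.before, 0xAA, sizeof g.before);
    memset(g.after, 0xAA, sizeof g.after);
    *rc = copy_checked(g.buf, sizeof g.buf, src);
    for (size_t i = 0; i < sizeof g.before; i++)
        if (g.before[i] != 0xAA || g.after[i] != 0xAA) return 0;
    return 1;
}

int main(void) {
    int rc;
    int ok = guards_intact_after_copy("alice", &rc);
    printf("short input: rc=%d guards_intact=%d\n", rc, ok);
    ok = guards_intact_after_copy("a-constructed-input-longer-than-16-bytes", &rc);
    printf("long input:  rc=%d guards_intact=%d\n", rc, ok);
    return 0;
}
```

Compiling with `-fstack-protector-strong` and `-D_FORTIFY_SOURCE=2` adds compiler-level checks on top of the explicit length test.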

If an attacker were to build a NOP sled, this would give the attacker complete control over the program. This is where buffer overflow attacks become relevant to cybersecurity, as many internet worms utilize buffer overflows to gain control over a program. A great video showing how an attack may be set up can be found on the YouTube channel Computerphile:

https://www.youtube.com/watch?v=1S0aBV-Waeo

Another great resource to check out is the book Hacking: The Art of Exploitation (2nd ed.) by Jon Erickson. Be sure to leave questions or comments in the comments section. Until next time!
