Wednesday, February 8, 2012

INTRODUCING BUFFER OVERFLOW

In information security there is a term known as buffer overflow (buffer overrun). A buffer overflow is an abnormal condition in a computer system's memory that occurs during the temporary storage of data, when the data to be stored exceeds the capacity of the buffer (temporary storage).

A buffer overflow is usually a bug that can be used by a hacker or cracker. Buffer overflow exploits often work by sending inputs intentionally designed to trigger a buffer overflow condition. By sending such inputs the attacker learns where the vulnerability in memory storage is, and then uses this situation to send code that benefits the attacker. If this occurs, the attacker can change information or take information. There are two kinds of buffer overflow in a computer system's memory: stack and heap.

Stack Overflow
Stack overflow occurs when software tries to write more data into a buffer on the stack than that buffer can accommodate, which disrupts the existing command structure in the memory registers. For example, a program has a variable that stores 16 bytes of data on the stack, but the user enters 32 bytes into the application; the remaining 16 bytes then spill into another register within the stack. The application will typically issue a segmentation fault error message. This happens because the EIP is crushed by some of the 16 bytes of excess data.
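
The 16-byte buffer and 32-byte input described above, as an added example (not from the original post or its source): a C model in which a struct stands in for the stack frame, so the overwrite of the saved EIP can be observed without crashing, next to a length-checked copy that prevents it. The frame layout, the function names and the sample return address are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16
#define SAMPLE_EIP 0x08048123u /* constructed sample return address */

/* Hypothetical model of a stack frame: the 16-byte buffer from the text,
   followed by saved control data. Real layouts depend on compiler and ABI. */
struct frame {
    char buf[BUF_SIZE];
    uint32_t saved_ebp;
    uint32_t saved_eip;   /* return address */
    unsigned char pad[8]; /* keeps the model 32 bytes so the copy stays in bounds */
};

/* Models an unchecked copy such as strcpy(): len bytes are written starting at
   buf, whatever its size. Writing through the struct base keeps the simulation
   well-defined C while len <= sizeof(struct frame). */
static void unchecked_copy(struct frame *f, const void *src, size_t len) {
    memcpy((unsigned char *)f, src, len);
}

/* Hardened copy: refuse input larger than the buffer. 0 = ok, -1 = rejected. */
static int checked_copy(struct frame *f, const void *src, size_t len) {
    if (len > BUF_SIZE) return -1;
    memcpy(f->buf, src, len);
    return 0;
}

/* Sends 32 bytes of 'A' at the frame and returns the saved EIP afterwards. */
uint32_t saved_eip_after(int use_check) {
    struct frame f;
    unsigned char input[32];
    memset(&f, 0, sizeof f);
    f.saved_eip = SAMPLE_EIP;
    memset(input, 'A', sizeof input); /* constructed user input */
    if (!use_check)
        unchecked_copy(&f, input, sizeof input);
    else if (checked_copy(&f, input, sizeof input) != 0)
        fputs("input rejected: larger than buffer\n", stderr);
    return f.saved_eip;
}

int main(void) {
    printf("unchecked: saved EIP = 0x%08x\n", (unsigned)saved_eip_after(0));
    printf("checked:   saved EIP = 0x%08x\n", (unsigned)saved_eip_after(1));
    return 0;
}
```

In the unchecked case the saved EIP becomes 0x41414141 (four 'A' bytes), an address the program cannot return to, which is what produces the segmentation fault in a real process.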

Heap corruption
The difference from a stack overflow is that memory in the heap is dynamically allocated by the application at runtime, and typically contains data from the application. Unlike a stack buffer, whose size is predetermined, a heap buffer has its size determined by the application when it is needed. A heap buffer overflow happens when application data residing on the heap becomes corrupted, so that the application overwrites data in the heap and alters the internal structure of the heap memory.

Source: Harmless Hacking (MRP)
