c - Example of a buffer overflow leading to a security leak


I read many articles about unsafe functions such as strcpy, memcpy, etc., which may introduce security problems when processing external data, such as the content of a file or data coming from a socket. It may sound stupid, but I wrote a vulnerable program and I did not manage to "hack" it.

I understand the problem of buffer overflow. Take this example code:

    #include <stdio.h>

    int main(void) {
        char buffer[1];           /* 1-byte buffer, directly followed by var */
        int var = 0;
        scanf("%s", buffer);      /* no field width: input longer than the buffer overwrites var */
        printf("var = 0x%x\n", var);
        return 0;
    }

When I execute the program and type "abcde", the program outputs 0x65646362, which is "edcb" in hexadecimal + little-endian. I have also read that you can modify the eip value that was pushed onto the stack so that the program executes some unwanted code (for example, just before calling the system() function).

However, the assembly of the functions begins like this:

    push   %ebp
    mov    %ebp,%esp
    and    $0xfffffff0,%esp
    sub    $0x20,%esp

The value of %esp is random at the beginning of the function, and because of this "and", there seems to be no reliable way to write the exact eip value over the pushed eip value.

Furthermore, I have read that it is possible to execute code written in your buffer (here the buffer is only 1 byte long, but in reality it would be large enough to store some code), but what value would you give eip to achieve that, considering that the location of the buffer is random?

So why are developers so concerned about security problems (other than that the program may crash)? Do you have an example of a vulnerable program and how it is "hacked" to execute unwanted code? I tried to do it on Linux; is Windows less secure?
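An added example in C, not part of the question or the answer: the unbounded scanf("%s") pattern from the question placed next to a width-limited read that also detects over-long input instead of silently truncating it. The struct layout, the sentinel value and the function names are my own assumptions for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 8

/* Layout like the question's main(): a small buffer with an int right
 * after it. Constructed here so a caller can check that `var` stays intact. */
struct frame {
    char buffer[BUF_SIZE];
    unsigned int var;
};

enum read_result { READ_OK = 0, READ_EMPTY = 1, READ_TOO_LONG = 2 };

/* The pattern from the question: "%s" has no field width, so a token
 * longer than BUF_SIZE-1 spills into `var` (and beyond). Shown only as
 * the 'before' case; it is never called below. */
void read_token_unsafe(const char *input, struct frame *f) {
    sscanf(input, "%s", f->buffer);
}

/* Hardened read: a field width caps the copy at size-1 chars plus NUL,
 * and "%n" reveals where the token stopped, so over-long input is
 * rejected rather than silently truncated. */
enum read_result read_token_bounded(const char *input, char *buffer, size_t size) {
    char fmt[32];
    int consumed = 0;

    buffer[0] = '\0';
    /* e.g. "%7s%n" for an 8-byte buffer */
    snprintf(fmt, sizeof fmt, "%%%zus%%n", size - 1);
    if (sscanf(input, fmt, buffer, &consumed) != 1)
        return READ_EMPTY;
    /* Token filled the buffer and the next char is not a delimiter:
     * the real token was longer than what we kept. */
    if (input[consumed] != '\0' && !isspace((unsigned char)input[consumed]))
        return READ_TOO_LONG;
    return READ_OK;
}

/* Returns 1 if `var` survives a bounded read of `input` (constructed sentinel). */
int var_survives(const char *input) {
    struct frame f;
    f.var = 0x41424344u;
    read_token_bounded(input, f.buffer, sizeof f.buffer);
    return f.var == 0x41424344u;
}
```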

Read the excellent article by Aleph One.