| author | Christian Urban <christian dot urban at kcl dot ac dot uk> |
| Sat, 04 Oct 2014 13:32:51 +0100 | |
| changeset 199 | 20af800ce736 |
| parent 196 | 22f027da67ec |
| child 204 | 8fe0dc898c73 |
| permissions | -rw-r--r-- |
|
156
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
1 |
\documentclass{article}
|
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
2 |
\usepackage{../style}
|
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
3 |
|
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
4 |
|
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
5 |
\begin{document}
|
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
6 |
|
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
7 |
\section*{Handout 3 (Buffer Overflow Attacks)}
|
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
8 |
|
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
9 |
By far the most popular attack method on computers are buffer |
|
191
f675aa15b6d0
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
156
diff
changeset
|
10 |
overflow attacks or variations thereof. The popularity is |
|
f675aa15b6d0
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
156
diff
changeset
|
11 |
unfortunate because we now have technology to prevent them |
|
f675aa15b6d0
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
156
diff
changeset
|
12 |
effectively. But these kind of attacks are still very relevant |
|
f675aa15b6d0
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
156
diff
changeset
|
13 |
even today since there are many legacy systems out there and |
|
f675aa15b6d0
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
156
diff
changeset
|
14 |
also many modern embedded systems do not take any precautions |
|
f675aa15b6d0
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
156
diff
changeset
|
15 |
to prevent such attacks. |
|
156
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
16 |
|
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
17 |
To understand how buffer overflow attacks work we have to have |
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
18 |
a look at how computers work ``under the hood'' (on the |
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
19 |
machine level) and also understand some aspects of the C/C++ |
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
20 |
programming language. This might not be everyday fare for |
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
21 |
computer science students, but who said that criminal hackers |
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
22 |
restrict themselves to everyday fare? Not to mention the |
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
23 |
free-riding script-kiddies who use this technology without |
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
24 |
knowing what are the underlying ideas. |
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
25 |
|
|
196
22f027da67ec
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
191
diff
changeset
|
26 |
\bigskip\bigskip \noindent If you want to know more about |
|
22f027da67ec
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
191
diff
changeset
|
27 |
buffer overflow attacks, the original Phrack article |
|
22f027da67ec
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
191
diff
changeset
|
28 |
``Smashing The Stack For Fun And Profit'' by Elias Levy (also |
|
22f027da67ec
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
191
diff
changeset
|
29 |
known as Aleph One) is an engaging read: |
|
22f027da67ec
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
191
diff
changeset
|
30 |
|
|
22f027da67ec
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
191
diff
changeset
|
31 |
\begin{center}
|
|
22f027da67ec
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
191
diff
changeset
|
32 |
\url{http://phrack.org/issues/49/14.html}
|
|
22f027da67ec
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
191
diff
changeset
|
33 |
\end{center}
|
|
22f027da67ec
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
191
diff
changeset
|
34 |
|
|
156
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
35 |
\end{document}
|
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
36 |
|
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
37 |
%%% Local Variables: |
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
38 |
%%% mode: latex |
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
39 |
%%% TeX-master: t |
|
3b831b9dc616
added some initial handouts
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
40 |
%%% End: |