sen-material: handouts/ho03.tex@8fe0dc898c73 (annotated)

156 3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	1	\documentclass{article}
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	2	\usepackage{../style}
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	3
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	4
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	5	\begin{document}
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	6
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	7	\section*{Handout 3 (Buffer Overflow Attacks)}
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	8
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	9	By far the most popular attack method on computers are buffer
191 f675aa15b6d0 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 156 diff changeset	10	overflow attacks or variations thereof. The popularity is
f675aa15b6d0 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 156 diff changeset	11	unfortunate because we now have technology to prevent them
f675aa15b6d0 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 156 diff changeset	12	effectively. But these kind of attacks are still very relevant
f675aa15b6d0 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 156 diff changeset	13	even today since there are many legacy systems out there and
f675aa15b6d0 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 156 diff changeset	14	also many modern embedded systems do not take any precautions
f675aa15b6d0 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 156 diff changeset	15	to prevent such attacks.
156 3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	16
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	17	To understand how buffer overflow attacks work we have to have
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	18	a look at how computers work ``under the hood'' (on the
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	19	machine level) and also understand some aspects of the C/C++
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	20	programming language. This might not be everyday fare for
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	21	computer science students, but who said that criminal hackers
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	22	restrict themselves to everyday fare? Not to mention the
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	23	free-riding script-kiddies who use this technology without
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	24	knowing what are the underlying ideas.
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	25
204 8fe0dc898c73 added example1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 196 diff changeset	26
8fe0dc898c73 added example1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 196 diff changeset	27	\bigskip
8fe0dc898c73 added example1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 196 diff changeset	28	For buffer overflow attacks to work a number of innocent
8fe0dc898c73 added example1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 196 diff changeset	29	design decisions, which are benign on their own, need to
8fe0dc898c73 added example1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 196 diff changeset	30	conspire against you. One such design decision is how the
8fe0dc898c73 added example1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 196 diff changeset	31	memory is laid out for each process.
8fe0dc898c73 added example1 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 196 diff changeset	32
196 22f027da67ec updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 191 diff changeset	33	\bigskip\bigskip \noindent If you want to know more about
22f027da67ec updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 191 diff changeset	34	buffer overflow attacks, the original Phrack article
22f027da67ec updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 191 diff changeset	35	``Smashing The Stack For Fun And Profit'' by Elias Levy (also
22f027da67ec updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 191 diff changeset	36	known as Aleph One) is an engaging read:
22f027da67ec updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 191 diff changeset	37
22f027da67ec updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 191 diff changeset	38	\begin{center}
22f027da67ec updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 191 diff changeset	39	\url{http://phrack.org/issues/49/14.html}
22f027da67ec updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 191 diff changeset	40	\end{center}
22f027da67ec updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 191 diff changeset	41
156 3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	42	\end{document}
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	43
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	44	%%% Local Variables:
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	45	%%% mode: latex
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	46	%%% TeX-master: t
3b831b9dc616 added some initial handouts Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	47	%%% End:

author	Christian Urban <christian dot urban at kcl dot ac dot uk>
	Sun, 05 Oct 2014 18:20:31 +0100
changeset 204	8fe0dc898c73
parent 196	22f027da67ec
child 206	0105257429f3
permissions	-rw-r--r--