12 %https://www.trustwave.com/Resources/SpiderLabs-Blog/How-I-Cracked-a-Keylogger-and-Ended-Up-in-Someone-s-Inbox/ |
12 %https://www.trustwave.com/Resources/SpiderLabs-Blog/How-I-Cracked-a-Keylogger-and-Ended-Up-in-Someone-s-Inbox/ |
13 % using an exploit from 2010 |
13 % using an exploit from 2010 |
14 % https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3333 |
14 % https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3333 |
15 |
15 |
16 |
16 |
|
17 % https://github.com/cs01/gdbgui/ |
|
18 % gdb frontend |
|
19 |
17 \begin{document} |
20 \begin{document} |
18 \fnote{\copyright{} Christian Urban, King's College London, 2014, 2015, 2016} |
21 \fnote{\copyright{} Christian Urban, King's College London, 2014, 2015, 2016, 2017} |
19 |
22 |
20 \section*{Handout 3 (Buffer Overflow Attacks)} |
23 \section*{Handout 3 (Buffer Overflow Attacks)} |
21 |
24 |
|
25 \begin{flushright} |
|
26 \begin{minipage}{9cm} |
|
27 \it ``We took a network that was designed to be resilient to nuclear war and |
|
28 we made it vulnerable to toasters.''\\\mbox{}\hfill\small --- Eben Upton, 2017, RPi co-founder |
|
29 \end{minipage} |
|
30 \end{flushright}\bigskip |
|
31 |
|
32 |
|
33 \noindent |
22 By far the most popular attack method on computers are buffer |
34 By far the most popular attack method on computers are buffer |
23 overflow attacks or variations thereof. The first Internet |
35 overflow attacks or variations thereof. The first Internet |
24 worm (Morris) exploited exactly such an attack. The popularity |
36 worm (Morris) exploited exactly such an attack. The popularity |
25 is unfortunate because we nowadays have technology in place to |
37 is unfortunate because we nowadays have technology in place to |
26 prevent them effectively. But these kind of attacks are still |
38 prevent them effectively. But these kind of attacks are still |