发新话题
打印

[转载]Explanation of a remote buffer overflow vulnerability

[转载]Explanation of a remote buffer overflow vulnerability

文章作者:Denis Maggiorotto
信息来源:邪恶八进制信息安全团队(www.eviloctal.com

Introduction
Many times you heard about the “Buffer overflow vulnerability” in a specific software, may be you also
download a script or program to exploit it, but now, you’ll learn what a buffer overflow is, and what happens
when it occures, including the risks for the corrupted system.
The trip to this vulnerability starts from theory and terminates with a laboratory experience that showes an
exploitation of this vulnerability, in action.
This document is a “proof of concept” and its purpose is to take the reader from theory to practice in this
vulnerability. Of course the author is not responsible for the potential “bad use” that someone can do with it.
Because of the existence of many different computer architectures, the content of this document will regard
the only Intel x86 architecture and the operating system Linux.
More in depth, the experiment will regard an exploitation of a server process, running on an OpenSuSE 10.2
OS, kernel 2.6.18, compiled with gcc version 4.1.2.
Let’s start with a bit of theory.

附件

Explanation of a remote buffer overflow vulnerability.rar (153.66 KB)

2008-3-26 03:07, 下载次数: 923

曾几何时,有人对我说:装B遭雷劈。我说:去你妈的。于是,这个人又对我说:如果再说脏话,上帝会惩罚你的。我说:我操上帝。结论:彪悍的人生不需要上帝。

TOP

发新话题