No announcement yet.

DoS - Buffer Overflows

  • Filter
  • Time
  • Show
Clear All
new posts

  • DoS - Buffer Overflows

    A buffer overflow is a type of DoS that takes advantage of a flaw in a program's coding by inputting more data than the buffer, or memory, has room for.
    Once the buffer of the running process is full, all further input that is written to the buffer can have negative consequences, such as crashes, security issues or other problems. The buffer is then in an overflowed state that makes the program not function as intended or may allow the hacker to execute code within that process. The purpose of the DoS attack is to place the program or system in an unpredictable or unexpected state that affects the availability of the service.
    Some C functions do not perform bounds checking, which means they are prime candidates for allowing a buffer overrun to occur. Functions such as gets(), scanf(), strcpy() and strcat() are functions susceptible to bufferoverflows.

    The heap and the stacks are two areas in memory a program uses for storing data.

    The heap is a dynamically allocated storage location that does not have sequential constraints or an organizational scheme. It is considered the larger pool of free storage for programs to use as needed. Once the dynamic memory space is no longer needed, the allocated memory is freed.

    The stack refers to the smaller pool of free storage memory allocated to running programs for short-term processing. This is the main area for the program to store temporary data such as local variables. The name comes from the fact that accessing the stack is similar in function to the way you access a stack of plates. You can see the value on the top of the stack, you can add a plate to the top of the stack or remove one from the top of the stack. Most work on the stack happens on the top of the stack, removing or adding data. Another term for this is last-inm first out (LIFO). The last item to be stacked, is the first item to be removed.

    Of course today modern programs may contain protections such as a non-executable stack, stack cookies, canaries etc.
    Certified Security Geek