Solved

Buffer overflow

Posted on 2013-01-18
637 Views
Last Modified: 2013-02-10
What is a buffer overflow, and how does one find vulnerabilities in a network?
Question by: pawanopensource
8 Comments
 
LVL 62

Accepted Solution

by: btan (earned 167 total points)
ID: 38797877
This all has to do with program code not having sufficient boundary checks when inserting received data (via application or network means) into a buffer allocated for program use. The whole intent is to overflow the buffer and eventually exploit the program by leading it to execute unintended code (commonly malicious, and known as shellcode). The exploitation can be disastrous. Common indicators are the service being down (denial of service) and, as a whole, the program just going berserk...

The only way to rectify the vulnerability is to close the program holes (coding is needed most of the time). Many examples can be easily found, and exploitation steps using open tools are also well published (really!).

E.g. this one, on an application taking a socket call, with a buffer overflow:
http://securityxploded.com/remote-buffer-overflow-exploits.php

E.g. security tutorials and forums; easily searched with such keywords:
https://www.corelan.be/?s=buffer+overflow&search=Search
http://resources.infosecinstitute.com/?s=buffer+overflow

So, as all would ask... how do we find such a vulnerability? I would say this would all be avoided if the code release had been validated to be secure using static and dynamic code analysis (esp. those that are internet facing)... e.g. for web, there is the OWASP Phoenix compilation:
https://www.owasp.org/index.php/Phoenix/Tools

That is the earliest detection and probably reduces the attack surface the most. But commonly such an overflow will be a known vulnerability, and a vulnerability scanner should be able to pick it up by matching it to the pattern, data bank collation, etc. They are tagged with CVEs, such as are easily found in such a search:

http://www.cvedetails.com/vulnerability-search.php?f=1&vendor=&product=&cveid=&cweid=&cvssscoremin=&cvssscoremax=&psy=&psm=&pey=&pem=&usy=&usm=&uey=&uem=&opov=1

One specific one can be this:
http://www.securiteam.com/exploits/5SP3A008UA.html

For scanners, there is a wide variety, and I would suggest Security Content Automation Protocol (SCAP) based ones (e.g. Tenable's Nessus, SAINT, eEye's Retina, as below):

http://nvd.nist.gov/validation_eeye.cfm
http://nvd.nist.gov/validation_saint.cfm
http://nvd.nist.gov/validation_tenable.cfm

There are also other open ones, and you can find more @ http://sectools.org/tag/vuln-scanners/
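To make the "insufficient boundary check" in the accepted answer concrete, here is an added example (not code from the thread or from any of the linked sites): one fixed-size receive buffer filled from a network message, first in the unchecked form described above and then with the check that fixes it. The sample messages are constructed for this illustration.

```c
/* Added example, not code from the thread: a fixed-size receive buffer filled
 * from a network message, in the unchecked form btan describes and then with
 * the boundary check that fixes it. Sample messages are constructed. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16   /* bytes the program allocated for one message */

/* Unchecked: 'len' arrived from the peer and is trusted. When len > BUF_SIZE
 * memcpy writes past 'buf' on the stack, which is the overflow. Kept only
 * for contrast with the checked version; never call it with len > BUF_SIZE. */
static int unchecked_receive(const uint8_t *data, size_t len) {
    char buf[BUF_SIZE];
    memcpy(buf, data, len);          /* no comparison of len with sizeof buf */
    return (int)len;
}

/* Checked: the destination size, not the peer's claim, bounds the copy.
 * Oversized input is rejected (-1) so the caller can log and drop it. */
static int checked_receive(const uint8_t *data, size_t len) {
    char buf[BUF_SIZE];
    if (len >= sizeof buf)           /* >= keeps one byte for the terminator */
        return -1;
    memcpy(buf, data, len);
    buf[len] = '\0';
    return (int)strlen(buf);         /* bytes accepted */
}

/* A 5-byte message that fits (constructed sample). */
static int demo_short(void) {
    const uint8_t msg[] = "hello";
    return checked_receive(msg, 5);                /* 5 */
}

/* A 40-byte message of the kind a buggy client or an attacker would send;
 * the checked handler refuses it instead of overflowing (constructed). */
static int demo_oversized(void) {
    uint8_t msg[40];
    memset(msg, 'A', sizeof msg);
    return checked_receive(msg, sizeof msg);       /* -1 */
}

int main(void) {
    printf("short message: %d bytes accepted\n", demo_short());
    printf("oversized message: %d (rejected)\n", demo_oversized());
    return 0;
}
```

The rejected case is exactly what a scanner or fuzzer provokes with an oversized input; a handler that returns -1 and logs it is the behaviour to look for, a crash is the indicator the answer describes.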
 
LVL 51

Assisted Solution

by: ahoffmann (earned 333 total points)
ID: 38797910
Buffer overflows are difficult to find with penetration testing; I highly recommend using source code analysis tools (SCA) for that.
(Some free tools are mentioned at OWASP's Phoenix Tools (see breadtan's link above), but most of these tools are $$$$.)
 

Author Comment

by: pawanopensource
ID: 38800988
Thx Experts,

Till now, what I understand is that if a hacker finds a public IP and finds some open ports, then he writes a program like print "i am a hacker" * 2000 times. Then, using Metasploit techniques, he inserts his program.

Can we make a buffer overflow using Python?
 
LVL 62

Expert Comment

by: btan
ID: 38801203
In my post, the first example uses Python for validation against the open port. Metasploit is more of a delivery channel for your shellcode once the vulnerability is penetrated... of course you can control Metasploit through RPC using Python:

http://www.fishnetsecurity.com/6labs/blog/scripting-metasploit-python

Or translate it into a Metasploit module...

https://www.corelan.be/index.php/2009/08/12/exploit-writing-tutorials-part-4-from-exploit-to-metasploit-the-basics/

PS: let's not have this exchange turn into writing exploits... you can try to find examples at those site links shared.
 
LVL 51

Assisted Solution

by: ahoffmann (earned 333 total points)
ID: 38801486
> can we make buffer overflow using python ?
Yes.

(but I assume that you want to ask another question ;-)