Buffer Overflow Attack Pattern

From Guidance Share

Jump to: navigation, search


Context

The target application is written in a language that does not provide automated memory management, buffer length checking and array bounds checking. This is most often C/C++ but could include any language that is not type safe.

Problem

How to exploit an unchecked buffer to crash a process or inject and execute malicious code.

Forces

  • You want to impact the availability of the process to other users
  • You want to execute unauthorized code
  • You want to cause availability or integrity damage or escalate privileges

Solution

  • Identify entry points that accept string input or input that could be used to calculate the size of an internal buffer.
  • Craft attack data for each entry point.
  • Place target application under debugger.
  • Pass atttack data to each entry point.
  • If application crashes look for attack data on stack, heap or in process registers.
Personal tools