Wednesday, 18 January 2012


What is Buffer overflow ? how it can be used to bypass the restriction of the firewall ?

Description

In computer security and programming, a buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory. This is a special case of violation of memory safety.

Buffer overflows can be triggered by inputs that are designed to execute code, or alter the way the program operates. This may result in erratic program behavior, including memory access errors, incorrect results, a crash, or a breach of system security. They are thus the basis of many software vulnerabilities and can be maliciously exploited.

Programming languages commonly associated with buffer overflows include C and C++, which provide no built-in protection against accessing or overwriting data in any part of memory and do not automatically check that data written to an array (the built-in buffer type) is within the boundaries of that array.

Firewall and anti-virus are to protect your computer from hacking attack and from viruses but sometimes an attacker can easily bypass them and can get root access into your computer, there are so many techniques and tools are available to bypass or cheat anti-virus and firewall. Buffer overflow is the most common type of computer security attack that allows a hacker to get the administrator access into a computer or a network. As we have discussed so many tutorial by using Backtrack 5 to hack into windows operating system, however there are many exploits are also available for Linux operating system.

I really don't know about the author of this video but the video contain a good example of buffer overflow attack by using an exploit.

Requirements

•    Backtrack 5 or Backtrack 5 R1 (Attacker)
•    Windows (Victim)
•    Mestaploit
•    Apache
•    Brain

<iframe src="http://player.vimeo.com/video/32105952?title=0&amp;byline=0&amp;portrait=0" width="200" height="113" frameborder="0" webkitAllowFullScreen mozallowfullscreen allowFullScreen></iframe>

No comments:

Post a Comment