Exploit Writing Techniques

Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns

Exploit Writing Techniques Internet Security Whitepapers

This article describes three powerful general-purpose families of exploits for buffer overruns: arc injection, pointer subterfuge, and heap smashing. These techniques go beyond the traditional "stack smashing" attack and invalidate common assumptions about buffer overruns (arc injection, for instance, redirects control to code already present in the process rather than injecting any, so a non-executable stack alone does not stop it). Security vulnerabilities related to buffer overruns account for the largest share of CERT advisories, as well as high-profile worms, from the original Internet Worm in 1988 through Blaster's appearance in 2003. When attackers discover a vulnerability, they devise exploits that take advantage of it to attack a system.

Buffer Overflow Study Attacks and Defenses

Most exploits based on buffer overflows aim at forcing the execution of malicious code, mainly in order to give the attacker a root shell. The principle is simple: malicious instructions are stored in a buffer, which is then overflowed so that adjacent memory (a saved return address, a function pointer, heap management data) is altered and the process is diverted to those instructions. This document therefore first introduces how a process is mapped in memory and what a buffer is, then focuses on two kinds of buffer overflow exploits: stack overflows and heap overflows.

Buffer Overflows Attacks and Defenses for the Vulnerability of the Decade

Buffer overflows have been the most common form of security vulnerability for the last ten years. Moreover, buffer overflow vulnerabilities dominate the area of remote network penetration vulnerabilities, where an anonymous Internet user seeks to gain partial or total control of a host. If buffer overflow vulnerabilities could be effectively eliminated, a very large portion of the most serious security threats would be eliminated with them. In this paper, we survey the various types of buffer overflow vulnerabilities and attacks, and survey the various defensive measures that mitigate buffer overflow vulnerabilities, including our own StackGuard method, which places a guard value (a "canary") next to the saved return address and checks it before the function returns. We then consider which combinations of techniques can eliminate the problem of buffer overflow vulnerabilities while preserving the functionality and performance of existing systems.
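The two abstracts above describe the same mechanism from opposite sides: bytes written past a fixed-size buffer land on a neighbouring control value (the "pointer subterfuge" of the first paper, the stack and heap overflows of the second), and a guard word placed between the buffer and that value (StackGuard) lets the program notice before it jumps. The following C program is an added example, not code from any of the papers listed here; it simulates that principle inside one struct so the behaviour is deterministic and stays within defined C. record_t, unsafe_fill, safe_fill, record_dispatch, build_payload and the two handler functions are all hypothetical names chosen for the demonstration.

```c
/* Added example, not code from any of the papers listed on this page.
 * It simulates an overflow that overwrites a neighbouring code pointer
 * ("pointer subterfuge") and a StackGuard-style canary defence.
 * record_t, unsafe_fill, safe_fill, record_dispatch, build_payload and the
 * handler functions are hypothetical names used only for this demo. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef int (*handler_fn)(void);

static int benign_handler(void)   { return 1; }
static int attacker_handler(void) { return 0x41; } /* stand-in for injected code */

/* Object layout a real program might have on the stack or heap: a fixed
 * buffer, a guard word, then a code pointer that is called later. */
typedef struct {
    char       name[16];
    uintptr_t  canary;   /* StackGuard-style guard between buffer and pointer */
    handler_fn handler;
} record_t;

/* Terminator canary made of NUL, LF, EOF and CR bytes (StackGuard's trick):
 * a str*-family overflow cannot write past it without also changing it. */
static const uintptr_t CANARY = 0x000aff0du;

static void record_init(record_t *r) {
    memset(r->name, 0, sizeof r->name);
    r->canary  = CANARY;
    r->handler = benign_handler;
}

/* VULNERABLE: copies len bytes into name with no check against its size, the
 * same defect as an unchecked strcpy/memcpy. The copy runs over the object's
 * byte representation so the demo stays in defined C; the only stop is the
 * end of the object, which a real overrun would not have. */
static void unsafe_fill(record_t *r, const unsigned char *src, size_t len) {
    unsigned char *dst = (unsigned char *)r + offsetof(record_t, name);
    for (size_t i = 0; i < len && i < sizeof *r; i++)
        dst[i] = src[i];
}

/* HARDENED: reject oversized input instead of truncating or overflowing. */
static int safe_fill(record_t *r, const unsigned char *src, size_t len) {
    if (len > sizeof r->name)
        return -1;
    memcpy(r->name, src, len);
    return 0;
}

/* StackGuard idea: verify the guard word before trusting the code pointer. */
static int record_dispatch(const record_t *r) {
    if (r->canary != CANARY)
        return -1;            /* overflow detected: refuse to jump */
    return r->handler();
}

/* Attacker input: filler up to the code pointer, then the new pointer value.
 * Returns the payload length, or 0 if buf is too small. */
static size_t build_payload(unsigned char *buf, size_t cap, handler_fn target) {
    size_t off = offsetof(record_t, handler);
    size_t len = off + sizeof target;
    if (len > cap)
        return 0;
    memset(buf, 'A', off);
    memcpy(buf + off, &target, sizeof target);
    return len;
}

/* No defence: the overflow replaces handler and the call lands in attacker code. */
static int run_unprotected(void) {
    record_t r; unsigned char payload[64];
    record_init(&r);
    size_t n = build_payload(payload, sizeof payload, attacker_handler);
    unsafe_fill(&r, payload, n);
    return r.handler();           /* 0x41: control flow hijacked */
}

/* Same overflow, but the canary is checked first: detected, call refused. */
static int run_with_canary(void) {
    record_t r; unsigned char payload[64];
    record_init(&r);
    size_t n = build_payload(payload, sizeof payload, attacker_handler);
    unsafe_fill(&r, payload, n);
    return record_dispatch(&r);   /* -1: filler bytes clobbered the canary */
}

/* Bounds check: the oversized input is rejected and the benign handler runs. */
static int run_bounds_checked(void) {
    record_t r; unsigned char payload[64];
    record_init(&r);
    size_t n = build_payload(payload, sizeof payload, attacker_handler);
    if (safe_fill(&r, payload, n) == 0)
        return -2;                /* would mean the length check did not fire */
    return record_dispatch(&r);   /* 1: canary and handler untouched */
}

int main(void) {
    printf("unprotected   : handler returned 0x%x\n", run_unprotected());
    printf("canary        : dispatch returned %d\n", run_with_canary());
    printf("bounds checked: dispatch returned %d\n", run_bounds_checked());
    return 0;
}
```

The canary path shows why StackGuard is a detection rather than a prevention: unsafe_fill still corrupts the object, but the corrupted guard is noticed before the pointer is used. The bounds-checked path removes the defect itself, which is the only one of the three that leaves the object intact.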

The Shellcode Generation

Attackers carry out many network security compromises using exploitation programs, or exploits, which take advantage of bugs in software running on vulnerable systems. These programs are often the only remaining evidence of a security compromise; by analyzing them, we can assess the incident's impact and the attackers' skills and intent. We can build an entire taxonomy of attacks by understanding these programs' technical capabilities and their connection to those who develop and use them.

Writing Secure Software

It's often claimed that the biggest problem with security is that practitioners are unclear as to what the problem is. In short, the problem is insecure computer software. The best network firewall provides only minimal defense if it permits access to unreliable software. Moreover, every firewall, whether an appliance or a program, is itself written in software. Similarly, the strongest encryption algorithms may only let attackers communicate securely with insecure software.