TAILIEUCHUNG - HACK PROOFING YOUR NETWORK INTERNET TRADECRAFT phần 6

Thông thường, bộ xử lý thực thi mã từ đoạn mã của một chương trình. Theo chương trình làm cho các cuộc gọi chức năng, bộ vi xử lý đẩy dữ liệu vào ngăn xếp thread. Ngăn xếp này phục vụ như là một nơi lưu trữ tạm thời cho các biến chức năng và địa chỉ chức năng. | 216 Chapter 8 Buffer Overflow Normally the processor executes code from the code segment of a program. As the program makes function calls the processor pushes data onto the thread stack. This stack serves as a temporary storage place for function variables and function addresses. When an attacker overflows a stack buffer the overflow will often overwrite a value called the return address. The buffer overflow will not only overwrite the return address but can also overwrite almost all of the stack itself. This of course causes the program to crash. Usually the attacker is not concerned about the program and simply wants to execute his or her own code called a payload . The payload is usually injected as part of the buffer overflow itself meaning that the code the attacker wants to execute is written to the stack along with everything else. So the trick is to get the processor s instruction pointer to point to the attacker s buffer. There are several ways to do this. Methods to Execute Payload The following sections explain the variety of techniques that can be used to exexute payload. Direct Jump Guessing Offsets The direct jump means that you have told your overflow code to jump directly to a location in memory. It uses no tricks to determine the true location of the stack in memory. The downfall of this approach is twofold. First the address of the stack may contain a NULL character so the entire payload will need to be placed before the injector. If this is the case it will limit the available size for your payload. Second the address of your payload is not always going to be the same. This leaves you guessing the address you wish to jump to. This technique however is simple to use. On UNIX machines the address of the stack often does not contain a NULL character making this the method of choice for UNIX overflows. Also there are tricks that make guessing the address much easier. See No Operation NOP Sled later in the chapter. Lastly if you place your payload .

TỪ KHÓA LIÊN QUAN
Đã phát hiện trình chặn quảng cáo AdBlock
Trang web này phụ thuộc vào doanh thu từ số lần hiển thị quảng cáo để tồn tại. Vui lòng tắt trình chặn quảng cáo của bạn hoặc tạm dừng tính năng chặn quảng cáo cho trang web này.