Go4Expert


lionaneesh 30Jan2011 08:55

Why Stack Overflows Can Be Dangerous?
 
A stack is a Last In, First Out (LIFO) abstract data structure. The stack is used as the main data structure for processing and data management on most OS architectures, like Intel x86, etc.

Stack based Overflows



It happens when too much data is passed on the call stack, which results in overwriting data.

The call stack is a limited amount of memory, often determined at the start of the program.

When a program tries to access more space than is available to the call stack, it basically results in an overflow.

Why it is dangerous

It is dangerous because the call stack contains all our data (declarations), including the data used for user input.

E.g., if we declared:
Code:

char pass[] = "I am the password!!!";
int i = 0;
char userInput[10];

Then the stack would look like :-
Code:

===========
|userInput|
===========
|int i = 0|
===========
|char pass|
===========

Now if we overflow userInput, we will successfully overflow the int i with our desired value. It will be clear when we see the exploit example.

Exploiting



Exploit :-

buggyProgram.c

Code:

#include<stdio.h>
int main()
{
        int i=0;
        char userInput[10];
        printf("Please enter some data : ");
        gets(userInput); // deprecated function; now you will get to know why we should not use this...
        if(i==0x31313131)
        {
                printf("You !!!! Just exploited me.. Aah! :( :'(\n");
        }
}

Compiling :-

We will be using gcc with the no-stack-protector flag so that the kernel does not stop us.

Code:

aneesh@aneesh-laptop:~/articles/C$ gcc buggyProgram.c -fno-stack-protector -o buggyProgram

/tmp/ccORWe40.o: In function `main':

buggyProgram.c:(.text+0x26): warning: the `gets' function is dangerous and should not be used.

aneesh@aneesh-laptop:~/articles/C$

Let's exploit it now.

Let's create an attack string first :-

As we know, userInput is just 10 bytes long. Thus, in order to exploit this, we need to pass 10 bytes to fill it, followed by four 1's to overwrite the int i variable.

Attack string :-

Code:

[10 bytes garbage] + [4 * 1]
        |               |
   for filling     for overwriting
  up userInput     the int variable

Now let's pass this to the program and see what happens.

Code:

aneesh@aneesh-laptop:~/articles/C$ ./buggyProgram

Please enter some data : AAAAAAAAAA1111

You !!!! Just exploited me.. Aah! :( :'(

And BooM!! We did it!!!
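
As an added example (not part of the original post), this is a hardened form of the input step in buggyProgram.c: a bounded fgets() reader in place of gets() that rejects over-long lines instead of writing past userInput. The names struct frame, read_line and run_check are assumptions of this example.

```c
/* Bounded replacement for the gets() call in buggyProgram.c (added example). */
#include <stdio.h>
#include <string.h>

/* The page's two variables, placed in a struct so their order in memory is
 * fixed for this demonstration (assumption of this example). */
struct frame {
    char userInput[10];
    int  i;
};

/* Read one line into buf, storing at most size-1 characters plus '\0'.
 * Returns 0 if the line fit, 1 if it was too long (excess is discarded,
 * never stored), -1 on EOF or read error. */
int read_line(FILE *in, char *buf, size_t size)
{
    if (size == 0 || fgets(buf, (int)size, in) == NULL)
        return -1;
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';      /* complete line: strip the newline */
        return 0;
    }
    int c, extra = 0;             /* no newline stored: drain the rest */
    while ((c = getc(in)) != '\n' && c != EOF)
        extra = 1;
    return extra;
}

/* Hypothetical helper: feed one line from `in` to userInput and return the
 * value of i afterwards; *status receives read_line()'s result. */
int run_check(FILE *in, int *status)
{
    struct frame f = { {0}, 0 };
    *status = read_line(in, f.userInput, sizeof f.userInput);
    return f.i;
}

int main(void)
{
    int status;
    printf("Please enter some data : ");
    int i = run_check(stdin, &status);
    if (status == 1)
        printf("Input too long, rejected.\n");
    printf("i = 0x%x\n", (unsigned)i);
    return 0;
}
```

Fed the same AAAAAAAAAA1111 line, read_line() stores only the first nine characters, reports the line as too long, and i stays 0.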

lionaneesh 30Jan2011 11:28

Re: Why Stack Overflows Can Be Dangerous?
 
Hey thanks...For accepting...
Yeah and check your email please...

etrade123 14Mar2011 18:02

Re: Why Stack Overflows Can Be Dangerous?
 
Thank you to all those who join our company. It's really good.

pankajchandel 7Apr2011 00:22

Re: Why Stack Overflows Can Be Dangerous?
 
I am quite new in this forum, a lot of new things to learn, although I am good at programming.

lionaneesh 7Apr2011 00:24

Re: Why Stack Overflows Can Be Dangerous?
 
Quote:

Originally Posted by pankajchandel (Post 81581)
I am quite new in this forum, a lot of new things to learn, although I am good at programming.

Thanks Sir, and please read my other articles too!!


All times are GMT +5.5.