ABSTRACT
By exploiting a well-known security vulnerability in many C library implementations, it is possible for an unprivileged user to gain unrestricted system privileges. With an understanding of how the process execution stack is allocated and managed during process execution, a user can override the return address of a C library routine and thereby resume execution at a different address where a set of malicious functions can be invoked [1]. This is known as the buffer overflow exploit. With buffer overflow as the underlying theme, an example will be described using C and the MIPS assembly language that simultaneously exposes students to issues in computer security, operating systems concepts such as memory management and function invocation/return, and the MIPS instruction set architecture.
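The abstract's point is that an unchecked C library copy into a fixed-size stack buffer lets input run past the buffer into the rest of the frame, where the saved return address lives. The following is an added illustration, not code from the paper: it places the unchecked pattern next to a bounded version that refuses oversize input instead of truncating it silently. The function names, the buffer size and the sample inputs are assumptions chosen for the example; the MIPS frame comment only restates the layout the abstract describes.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16   /* assumed buffer size for the example */

/* The unchecked pattern the abstract warns about: strcpy() into a
   fixed-size local. On MIPS the callee's frame holds this buffer below
   the slot where $ra was spilled, so an input longer than NAME_LEN
   writes over that saved return address. Never call this on untrusted
   input; it is here only to show the shape of the defect. */
int greet_unsafe(const char *input) {
    char name[NAME_LEN];
    strcpy(name, input);               /* no bounds check */
    return (int)strlen(name);
}

/* Hardened form: measure at most NAME_LEN bytes first and reject input
   that would not fit including its terminator. Returns the copied length
   on success and -1 if the input was refused. */
int greet_safe(const char *input) {
    char name[NAME_LEN];
    size_t len = strnlen(input, NAME_LEN);
    if (len >= NAME_LEN) {
        return -1;                     /* refuse rather than overflow */
    }
    memcpy(name, input, len + 1);      /* len + 1 copies the NUL too */
    return (int)len;
}

int main(void) {
    /* constructed sample inputs */
    const char *ok   = "alice";
    const char *edge = "0123456789abcde";    /* 15 chars: exactly fits */
    const char *big  = "0123456789abcdef";   /* 16 chars: rejected */

    printf("safe(\"%s\") = %d\n", ok,   greet_safe(ok));
    printf("safe(\"%s\") = %d\n", edge, greet_safe(edge));
    printf("safe(\"%s\") = %d\n", big,  greet_safe(big));
    printf("unsafe(\"%s\") = %d\n", ok, greet_unsafe(ok));
    return 0;
}
```

The bounded version is the one a reviewer should insist on: the length check happens before any write, and the failure is an explicit return value the caller can log or act on, which is what makes oversize input visible rather than silently corrupting the frame.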
REFERENCES
- Aleph One, Smashing the Stack for Fun & Profit, http://www.phrack.com/show.php?p=49&a=14
- CERT Vulnerability Note CU#259787, http://www.kb.cert.org/vuls/id/259787
- CERT Advisory CA-2002-26, Buffer Overflow in CDE ToolTalk, http://www.cert.org/advisories/CA-2002-26.html
- CERT Advisory CA-2002-19, Buffer Overflows in Multiple DNS Resolver Libraries, http://www.cert.org/advisories/CA-2002-19.html
- Patterson, D., and Hennessey, J., Computer Organization and Design: A Hardware/Software Interface, Appendix A, Morgan Kaufmann (2001).
- Sweetman, D., See MIPS Run, Morgan Kaufmann, San Francisco, CA (1999). http://www.mkp.com/books_catalog/areas/computer_architecture.asp
Index Terms
- Exploring security vulnerabilities by exploiting buffer overflow using the MIPS ISA