Featured Post

Cybersecurity Career Paths for College Students: How to Get Started

  Cybersecurity Career Paths for College Students: How to Get Started Introduction Cybersecurity has become a crucial field in today's digital age, where organizations and individuals are constantly at risk of cyber threats. As a college student, exploring career paths in cybersecurity can lead to exciting opportunities and a fulfilling professional journey. In this article, we will delve into the various cybersecurity career paths available to college students and provide valuable insights on how to get started in this rapidly growing industry. Table of Contents Understanding Cybersecurity Why Choose a Cybersecurity Career? Cybersecurity Career Paths 1. Security Analyst 2. Penetration Tester 3. Incident Responder 4. Cryptographer 5. Security Consultant Building the Foundation 1. Pursue a Degree in Cybersecurity 2. Develop Technical Skills 3. Gain Practical Experience 4. Obtain Certifications Networking and Professional Associations Job Opportunities and Industry Trends 1. Governme
Post a Comment

Buffer Overflow Attack And its Prevention Techniques


What is Buffer Overflow Attack And its Prevention Techniques, Buffer overflow is very dangerous for systems. Lets discuss this.

WHAT IS A BUFFER OVERFLOW?

A buffer overflow, is a common software coding mistake that an attacker could exploit to gain access to your system.

BUFFER OVERFLOW

Definition of a Buffer Overflow

  • A buffer overflow occurs when more data is put into a fixed-length buffer than the buffer can handle.
  • The extra data, that should go somewhere, can overflow into adjacent memory space, corrupting or overwriting the data held in that space.
  • This overflow usually results in a system crash, but it also creates the opportunity for an attacker to run arbitrary code or manipulate the coding errors to prompt malicious actions.
  • Many programming languages are vulnerable to buffer overflow attacks.
  • However, the extent of such attacks varies depending on the language used to write the vulnerable program.
For example, code written in JavaScript and Perl is generally not susceptible to buffer overflows.
However, a buffer overflow in a program written in C, C++, Assembly or Fortran  could allow the attacker to fully compromise the targeted system.

Key Concepts of Buffer Overflow

  • This error occurs when there is more data in a buffer than it can handle, causing data to overflow into adjacent storage.
  • This vulnerability can cause a system crash or, worse, create an entry point for a cyberattack.
  • C and C++ are more vulnerable to buffer overflow.
  • Secure development practices ought to embody regular testing to observe and fix buffer overflows.
  • These practices include automatic protection at the language level and bounds-checking at run-time.  

Executing a Buffer Overflow Attack

Executing a Buffer Overflow Attack

  • Cybercriminals exploit buffer overflow issues to change the execution path of the applying by overwriting elements of its memory.
  • The extra data may contain code designed to trigger specific actions — in effect sending new instructions to the attacked application that could result in unauthorized access to the system.

Buffer Overflow Causes

  • Coding errors square measure usually the reason for buffer overflow.
  • Common application development mistakes that can lead to buffer overflow include failing to allocate large enough buffers and neglecting to check for overflow problems. 
  • These mistakes are especially problematic with C/C++, which does not have built-in protection against buffer overflows.
  • Consequently, C/C++ applications square measure typically targets of buffer overflow attacks.

Example: Buffer Overflow Attack 

Example of Buffer Overflow Attack

[Reference from “Buffer Overflow Attack Explained with a C Program Example,” Himanshu Arora, June 4, 2013, The Geek Stuff]

In some cases, an attacker injects malicious code into the memory that has been corrupted by the overflow. In other cases, the attacker simply takes advantage of the overflow and its corruption of the adjacent memory. For example, consider a program that requests a user password in order to grant the user access to the system. In the code below, the correct password grants the user root privileges. If the password is incorrect, the program will not grant the user privileges.

printf ("\n Correct Password \n");
pass = 1;
}
if(pass)
{
/* Give admin or root rights to user*/
printf ("\n Root privileges given to user \n");
}
return 0;

However, there's a possibility of buffer overflow during this program as a result of the gets() operate doesn't check the array bounds.

Here is an example of what an attacker could do with this coding error:

$ ./bfrovrflw
Enter the password :
hhhhhhhhhhhhhhhhhhhh
Wrong Password
Root privileges given to the user

In the above example, the program gives the user root privileges, even though the user entered an incorrect password. In this case, attacker gives an input with a length greater than the buffer can hold, creating buffer overflow, which overwrote the memory of integer “pass.” 
Therefore, despite the incorrect password, the value of “pass” became non zero, and the attacker receives root privileges.

Preventing Buffer Overflows

Preventing Buffer Overflows

By Following these step we can prevent Buffer Overflow: 

1) Use safer versions of functions: Safer alternatives square measure obtainable for all the standard functions beset by buffer overflows.
For instance, strncpy and snprintf are safer than the older strcpy and sprint.
When new applications square measure being developed, make sure that solely the safer variants square measure used.

2) Dynamic runtime protection: Buffer overflow conditions square measure detected throughout the particular running of the program during this technique, and an attack thwarted.

Different techniques of dynamic runtime analysis are:

Memory Access checking: Here, verification code is added to the binary when the program is compiled. It checks access violations in real time.
Tools like Purify supply this protection with very little impact on performance.

Canary: once a call is formed, a "canary" is added to the return address; if a buffer overflow occurs, the canary will be corrupted.
So, before returning to the parent operate, the "canary" is checked again to see if it has been modified.
Stack Guard uses this system by implementing it as a patch to the GCC complier; this causes minimum performance delays.
Free BSD conjointly incorporates a patch obtainable to try and do this.

Array bounds Checking: once Associate in Nursing array is scan from or written to, this system double-checks whether or not the boundaries square measure being desecrated.
 Jones & Kelly‘s GCC & Compaq C Complier patch perform array bounds checking, but at the cost of considerable performance degradation.

Copying come back Address: during this technique, the address is saved separately; thus even once a buffer overflow exploit overwrites the address on the stack, it's set back
to the original value when the function returns. Stack Shield - a development tool that uses this technique - works as an assembler file processor and is supported by GCC/G++ front ends.
Stack protect but, protects against solely overwriting of the address.

3) Non-executable stack: during this technique the stack is organized to not hold any possible code.
Kernel patches square measure obtainable for each UNIX and Solaris for configuring a non-executable stack.
Data execution hindrance in Windows XP and 2003 conjointly defend the stack against buffer overflow.
This method protects against stack-based buffer overflow attacks.
Heap-based overflows and static knowledge section overflows cannot, however, be prevented by this technique.

4)Static Analysis: In static analysis the ASCII text file is parsed for dangerous library calls and race conditions to notice potential buffer overflows.
Functions like strcpy and sprintf square measure liable to buffer overflows, so source code scanners are used to look for incorrect use of these functions.
RATS and SPLINT square measure 2 such tools; but static analysis is riddled with false positives.


Buffer Overflow Attack And its Prevention Techniques

TAGS: #Buffer Overflow, #Preventing Buffer Overflow,#Overflow prevention,#Buffer Overflow Mitigation, #What is Buffer Overflow,#cypheradda, #Prevention from buffer overflow





Comments

  1. Unknown8 September 2020 at 01:40

    Hi
    I visited your blog you have shared amazing information, i really like the information provided by you, You have done a great work. I hope you will share some more information regarding Cyber Security. I appreciate your work.
    Thanks
    Have a Great Day

    ReplyDelete

Post a Comment

Popular posts from this blog

Cybersecurity Career Paths for College Students: How to Get Started

  Cybersecurity Career Paths for College Students: How to Get Started Introduction Cybersecurity has become a crucial field in today's digital age, where organizations and individuals are constantly at risk of cyber threats. As a college student, exploring career paths in cybersecurity can lead to exciting opportunities and a fulfilling professional journey. In this article, we will delve into the various cybersecurity career paths available to college students and provide valuable insights on how to get started in this rapidly growing industry. Table of Contents Understanding Cybersecurity Why Choose a Cybersecurity Career? Cybersecurity Career Paths 1. Security Analyst 2. Penetration Tester 3. Incident Responder 4. Cryptographer 5. Security Consultant Building the Foundation 1. Pursue a Degree in Cybersecurity 2. Develop Technical Skills 3. Gain Practical Experience 4. Obtain Certifications Networking and Professional Associations Job Opportunities and Industry Trends 1. Governme
Read more

10 Things What Information Your Phone Contains Secretly?

Image
WHAT DO YOUR PHONE KNOWS ABOUT ? ALERT :  10 Things What Information Your Phone Contains Secretly? Whether your phone is in your pocket or on desk, It retains a lot of personal data. And all this information is vulnerable to cyber criminals. Here is Ten things which your phone contains secretly. 1)PASSWORD  Password stored in web browser auto fill form and password stored in the file system are secretly stored by your smartphone. Don't save PASSWORD . 2)BANK ACCOUNT DETAILS All downloaded bank statement is accessed by you smartphone.Which can make your Bank balance to ZERO.So, Don't store this information. 3)CURRENT LOCATION GPS You current location is accessed by your smart phone every time.What you doing,where you are.Your privacy is at risk.so, OFF GPS . 4)RECENT FILES KEEP BY APPLICATIONS Recent file accessed list is kept by operating system and various appliction keep thier own recent file list which is vulnerable and harmful for ou
Read more

Challenges of smartphone mobile security

Image
This article is about  Challenges of smartphone mobile device security .  Mobile security or Smartphone device security, has become increasingly important in mobile computing. Major Concern is that security of personal and business information now stored on smartphones. More and more users as well as businesses use smartphones to communicate, but also to plan and organize their users' work and also private life. Within Organizations, these technologies are causing knowledgeable changes in the organization of information systems and therefore they have become the source of new risks. Actually, Smartphones collect amount of sensitive information to which access must be controlled to protect the privacy of the user and the intellectual property of the company. All smartphones, are preferred targets of attacks. These attacks exploit weaknesses present in smartphones that can come from the different communication mode—like Short Message Service (SMS, text me
Read more