Vulnerability Development mailing list archives

Re: Stack Interpretation and Manipulation


From: "Bluefish (P.Magnusson)" <11a () GMX NET>
Date: Mon, 11 Sep 2000 21:34:24 +0200

I would like to better understand these vulnerabilities that may exist in
my programs so I can avoid making them in the future. Are there any online
resources available to show beginning programmers how to interpret stack
dumps, so that we can avoid creating them in the future?

With coredumps (a far more sophisticated debugging tool than common
stackdumps as presented by e.g. Windows at page faults) there are very
powerful debugging tools, such as applying gdb to the coredump. I'm no
expert on gdb...

With a bit of commercialism, www.11a.nu has a page about overflows which
is aimed at beginners who don't yet understand what it is; have a look at
it. If someone has a good tutorial on how to examine coredumps I'd love to
add it to our site :)

Well, back to the subject! If you, as an example, manage to crash some
Windows application with some totally random string, such as "A" x 2000,
you'll probably get some box telling you the values of the registers.

If EIP goes 41414141, or 61616161 (the "A"s got lowercased), the
application is easily exploitable through a buffer overflow. If that's not
the case, you need a very thorough understanding of how the application
works in order to make anything exploitable out of this - many researchers
choose to drop it here and list it as "Vulnerable but no working exploit
produced".

How do you avoid this specific vulnerability?

  1. Don't use C or C++. Bug-prone languages in which the average programmer
     commonly makes implementation faults that will pass syntax checks
     (i.e. other languages wouldn't allow the code to compile without
     modifications).

  2. If you do use C or C++, be careful with str*, *printf, popen, etc.

  3. Actually have a good, secure design :-)

Theoretically, the above solves everything. The only problem is we like C;
it allows you to code fast and carelessly, so we use it even if we know it
is dangerous. And since we're also human, we forget to check some of the
known dangerous routines. And since we're lazy, much software is never
really designed - we build a prototype and keep it, eh? :)

..:::::::::::::::::::::::::::::::::::::::::::::::::..
     http://www.11a.nu || http://bluefish.11a.nu
    eleventh alliance development & security team
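The two points made in the post above, the unbounded str* copy that lets "A" x 2000 overwrite the saved return address, and the triage rule that an EIP of 41414141 or 61616161 means the input itself landed in the instruction pointer, as an added example in C. This is editor-supplied illustration, not code from the post, the thread, or the 11a.nu site; the buffer size, function names and the constructed 2000-byte input are assumptions chosen for the demonstration.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>
#include <ctype.h>

#define NAME_MAX 32   /* assumed buffer size for the example */

/* The "before": the pattern the post warns about. strcpy copies until the
 * NUL byte of src, so input longer than dst spills over the stack frame and,
 * eventually, over the saved return address. Kept as the reference point
 * only; it is never called with oversize input in this file. */
static void copy_name_unsafe(char *dst, const char *src)
{
    strcpy(dst, src);   /* no bound on the copy: the bug */
}

/* The "after": scan at most dst_size bytes, refuse anything that does not
 * fit with its terminator, and copy the NUL along with the data. */
static bool copy_name_checked(char *dst, size_t dst_size, const char *src)
{
    size_t n = 0;
    while (n < dst_size && src[n] != '\0')
        n++;
    if (n >= dst_size)
        return false;           /* would overflow or leave dst unterminated */
    memcpy(dst, src, n + 1);    /* n + 1 <= dst_size, includes the NUL */
    return true;
}

/* Crash triage from the post: a register holding four identical printable
 * bytes (0x41414141 = "AAAA", 0x61616161 = "aaaa") was filled from the
 * input itself. Other values need real analysis of the program. */
static bool is_fill_pattern(uint32_t reg)
{
    uint8_t b = (uint8_t)(reg & 0xffu);
    for (int i = 1; i < 4; i++)
        if (((reg >> (8 * i)) & 0xffu) != b)
            return false;
    return isprint(b) != 0;
}

/* Build a constructed input of input_len 'A' bytes (the "A" x N string)
 * and report whether the checked copy refuses it. */
static bool checked_copy_rejects(size_t input_len)
{
    char input[2048];
    char name[NAME_MAX];

    if (input_len >= sizeof input)
        input_len = sizeof input - 1;
    memset(input, 'A', input_len);
    input[input_len] = '\0';

    return !copy_name_checked(name, sizeof name, input);
}

int main(void)
{
    char name[NAME_MAX];

    copy_name_unsafe(name, "bob");        /* short input: works by luck */
    printf("unsafe copy of short input: %s\n", name);

    printf("checked copy rejects 2000 x 'A': %s\n",
           checked_copy_rejects(2000) ? "yes" : "no");
    printf("checked copy rejects 10 x 'A':   %s\n",
           checked_copy_rejects(10) ? "yes" : "no");

    uint32_t samples[] = { 0x41414141u, 0x61616161u, 0x0804abcdu };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("EIP=%08x looks like input fill: %s\n", samples[i],
               is_fill_pattern(samples[i]) ? "yes" : "no");
    return 0;
}
```

The checked copy bounds the scan as well as the copy, so a src that is not NUL-terminated within dst_size bytes is rejected rather than read past its end; this is the same property that makes strncpy alone insufficient, since strncpy does not guarantee a terminator.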

