Hi everyone, I'm a bit new to c programming but familiar with the buffer overflow concept in general terms. I just wanted someone to take me through a code sample i came over the web disccusing this topic. The URL to this article is:http://www.exploit-db.com/exploits/3154/. Any help will be appreciated. Thank in advance.
jmwalloh
0
Newbie Poster
Recommended Answers
Jump to PostSorry, but discussion of hacking is against Daniweb's rules. We can help you at a high level, but anything more detailed that could be used to create an exploit is prohibited.
Jump to PostUnderstanding how buffer overflows attacks are implemented is key to understanding how to prevent them.
Hardly. Preventing buffer overflow in code is not dependent on understanding the details of how to exploit such a security hole. There's a difference between "this is buffer overflow, and here is how …
All 5 Replies
deceptikon
1,790
Code Sniper
Team Colleague
Featured Poster
Sorry, but discussion of hacking is against Daniweb's rules. We can help you at a high level, but anything more detailed that could be used to create an exploit is prohibited.
sunktugg
0
Newbie Poster
I must admit I do not know the rules by heart, but it seems quite backwards not to be able to discuss this.
Understanding how buffer overflows attacks are implemented is key to understanding how to prevent them.
An understanding of this topic is fundamental for any c programmer wanting to write safe code.
deceptikon
1,790
Code Sniper
Team Colleague
Featured Poster
Understanding how buffer overflows attacks are implemented is key to understanding how to prevent them.
Hardly. Preventing buffer overflow in code is not dependent on understanding the details of how to exploit such a security hole. There's a difference between "this is buffer overflow, and here is how you avoid it", and "tell me how this buffer overflow exploit works". The former teaches safe coding practices while the latter essentially teaches one how to write exploits.
sunktugg
0
Newbie Poster
I could not agree less, but to each their own.
Out of curiosity, what is your answer to "this is buffer overflow, and here is how you avoid it"?
deceptikon
1,790
Code Sniper
Team Colleague
Featured Poster
I could not agree less, but to each their own.
Fair enough. I'd be a hypocrite if I said that there's no value in learning the dark side, but willingly sharing that knowledge to folks with unknown intentions has been deemed too risky for this community.
Out of curiosity, what is your answer to "this is buffer overflow, and here is how you avoid it"?
It's situational. I'll point out the risk in given code and show measures to avoid it with a safer best practice.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.