Buffer Overflows: Difference between revisions
Fukami (Talk | contribs) (Imported from old wiki) |
Nulli (Talk | contribs) m No edit summary |
||
(4 intermediate revisions by 4 users not shown) | |||
Line 1: | Line 1: | ||
[[Kategorie:Themenabend]] | [[Kategorie:Themenabend]] | ||
== | {{Themenabend| | ||
[[Sven]] | TITEL= Buffer Overflows | | ||
UNTERTITEL= | | |||
TERMIN= | | |||
ORT= | | |||
THEMA= | | |||
REFERENTEN= [[Benutzer: Sven | Sven]], [[Carsten Grohmann]] und [[Benutzer:Caldrin | Caldrin ]] | | |||
C3D2WEB= | | |||
TOPIC= siehe unten | | |||
SLIDES= | | |||
}} | |||
== Gliederung == | |||
* Speicherlayout | |||
* Klassische stackbasierte Angriffe | |||
* Framepointer overwrite | |||
* BSS-Overflow | |||
* Heap-Overflow | |||
==Link-Sammlung (Allgemein)== | ==Link-Sammlung (Allgemein)== | ||
* [http://www.heise.de/security/artikel/37958/0 Buffer-Overflows und andere Sollbruchstellen] | * [http://www.heise.de/security/artikel/37958/0 Buffer-Overflows und andere Sollbruchstellen] | ||
* [http:// | * [http://krecher.p15153225.pureserver.info/bufferoverflows.pdf Vortrag über Buffer Overflows von Stefan Krecher]] | ||
==Audit-Tools== | ==Audit-Tools== |
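Review bot: In the new revision's Link-Sammlung entry for Stefan Krecher's talk, the external link opens with a single `[` but closes with `]]`, which leaves a stray bracket in the rendered text; close it with one `]`. The Themenabend template is also added with UNTERTITEL, TERMIN, ORT, THEMA, C3D2WEB and SLIDES left empty, so the event box renders blank rows; fill them in or drop the unused parameters.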
Latest revision as of 2 December 2006, 02:35
Event | |
---|---|
Title | Buffer Overflows |
Subtitle | |
Date | |
Location | |
Topic | |
Speaker(s) | |
Presenters: | Sven, Carsten Grohmann and Caldrin |
Links | |
C3D2 website | |
Topic | see below |
Slides | |
Outline
- Memory layout
- Classic stack-based attacks
- Frame pointer overwrite
- BSS overflow
- Heap overflow
Link collection (general)
Audit tools
- Splint (C)
- RATS Rough Auditing Tool for Security (C, C++, PHP, Perl & Python)
- Flawfinder (C/C++)
- ITS4 (C/C++)
- PScan (C)
- ElectricFence - malloc() debugger
- CodeWizard (commercial)
Exploit programming
- Smashing the Stack for fun and Profit
- w00w00 on Heap Overflows
- How to write remote exploits
- Non-Stack Overflows on Windows
- Defeating Microsoft Windows 2003 Stack Protection
- Variations in Exploit methods between Linux and Windows
- Exploitation of UNICODE Buffer Overflows
- Windows 2000 Format String Vulnerabilities
- Buffer Overflows on SPARC Architecture
- Buffer Overflows for Beginner
- Frame Pointer Overwrite
- Exploiting Non-adjacent Memory Spaces
- Howto remotely and automatically exploit a format bug
- Advanced Doug Lea's malloc exploits
- Bypassing Stackguard and Stackshield
- Exploiting Format String Vulnerabilities
- Once upon a free()...
- The advanced return-into-lib(c) exploits
- Buffer overflow exploit in the alpha linux
- Howto write Buffer Overflows
Protection
- Static Analysis
  - A first step towards automated detection of buffer overrun vulnerabilities
  - Cleanness Checking of String Manipulations in C Programs via Integer Analysis
  - Statically detecting likely buffer overflow vulnerabilities
  - Detecting heap smashing attacks through fault containment wrappers
  - Accurate Buffer Overflow Detection via Abstract Payload Execution
  - A Comparison of Publicly Available Tools for Static Intrusion Prevention
  - CSSV: Towards a Realistic Tool for Statically Detecting All Buffer Overflows in C
  - Protecting C Programs from Attacks via Invalid Pointer Dereferences
  - A Binary Rewriting Defense Against Stack-based Buffer Overflow Attacks
  - Static Analysis of Executables to Detect Malicious Patterns
  - Address Obfuscation: An Approach to Combat Buffer Overflows, Format-String Attacks, and More
- Compiler Patches
  - Adding run-time checking to the portable c compiler
  - Protecting from stack smashing attacks
  - Bounds Checking for C
  - StackGuard: Automatic adaptive detection and prevention of buffer overflow attacks
  - Stack Shield: A "stack smashing" technique protection tool for linux
  - RAD: A compile-time solution to buffer overflow attacks
  - GCC extension for protecting applications from stack-smashing attacks
  - Protecting pointers from buffer overflow vulnerabilities
- C Library Patches
- Kernel / OS Patches
Shellcode
- Polymorphic Shellcode Engine
- The Art of Writing Shellcode
- Designing Shellcode Demystified
- Building IA32 'Unicode-Proof' Shellcodes