Home
Calendar
Certifications
Columns
Features
Forum
Resources
Vitals
Latest Additions
Jan 2009 Free Giveaway Sponsor - Black Hat DC
Scooby Doo and the Crypto Caper - Answers and Winners
Daemon - A Contest Revealed
Hacking: The Art of Exploitation 2nd Edition
Nov 2008 Free Giveaway - Winners
Dec 2008 Free Giveaway Sponsor - SANS
Santa Claus is Hacking to Town
Plug-N-Play Network Hacking
Nov 2008 Free Giveaway Sponsor - CWNP
Daemon - A Contest Begins Now
It Happened One Friday - Answers and Winners
Daemon - A Contest
Scooby Doo and the Crypto Caper
MS Blue Hat Hackers Headline Chicago Security Con
The Pen Testing Perfect Storm Webcast Series with Skoudis, Wright, Johnson
EH-Net Login
Welcome Guest.
Username:
Password:
Remember me
Lost Password?
No account yet?
Register
Who's Online
We have 12 guests and 1 member online
EH-Net Donations
Enter Amount:
$
CAD
USD
GBP
AUD
JPY
EUR
Google Ads
EH-Net News Feeds
Latest Additions
Book Recommendations
You are here:
Home
Forum
Ethical Hacking Discussions and Related Certifications
Network Pen Testing
CEH - Certified Ethical Hacker
CEH - Official Course Modules v4
CEH Study Group -- Module 20: Buffer Overflows
Ethical Hacker Community Forums
January 09, 2009, 09:14:36 PM
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
News
: ChicagoCon 2009 - May 4 - 9. Boot Camps & an Ethical Hacking Conf.
www.chicagocon.com
Home
Help
Calendar
Login
Register
Ethical Hacker Community Forums
>
Ethical Hacking Discussions and Related Certifications
>
Network Pen Testing
>
CEH - Certified Ethical Hacker
>
CEH - Official Course Modules v4
(Moderators:
Dengar13
,
Oyle
) >
CEH Study Group -- Module 20: Buffer Overflows
Pages: [
1
]
Go Down
« previous
next »
Print
Author
Topic: CEH Study Group -- Module 20: Buffer Overflows (Read 3342 times)
0 Members and 1 Guest are viewing this topic.
Oyle
Moderator
Sr. Member
Offline
Posts: 264
"Man. Nature. Technology".
CEH Study Group -- Module 20: Buffer Overflows
«
on:
April 05, 2006, 04:49:17 PM »
Module Objectives:
*What is a Buffer Overflow?
*Exploitation
*How to detect buffer overflows in a program?
*Skills Required
*CPU/OS Dependency
*Understanding Stacks
*Stack based Buffer Oveflows
*Technical details
*Writing your own exploits
*Defense Against Buffer Overflows
Note: This material WILL be on the Exam....
Logged
MCP, MCP+I, MCSA, MCSE(NT4/W2K), CCNA, CCA, NWCCC, VH-PIRTS, CEH
--------------------
"hackers are like jedi, crackers are like the sith: do not fall prey to the dark side".
From 1337 h4x0r h4ndb00k: "the ten laws of geek", law x
-Tapeworm
Oyle
Moderator
Sr. Member
Offline
Posts: 264
"Man. Nature. Technology".
Re: CEH Study Group -- Module 20: Buffer Overflows
«
Reply #1 on:
May 24, 2006, 08:00:37 PM »
On Oct. 19, 2000, hundreds of flights were grounded or delayed because of a software problem in the Los Angeles air traffic control system. The cause was attributed to a Mexican controller typing a 9 (instead of 5) characters of flight-indentification data, resulting in a buffer overflow.
Really pretty cool when you think about it.
Lesson interuppted, sorry; continues below..
«
Last Edit: May 25, 2006, 03:09:09 PM by Oyle
»
Logged
MCP, MCP+I, MCSA, MCSE(NT4/W2K), CCNA, CCA, NWCCC, VH-PIRTS, CEH
--------------------
"hackers are like jedi, crackers are like the sith: do not fall prey to the dark side".
From 1337 h4x0r h4ndb00k: "the ten laws of geek", law x
-Tapeworm
Dengar13
Moderator
Full Member
Offline
Posts: 224
Re: CEH Study Group -- Module 20: Buffer Overflows
«
Reply #2 on:
May 24, 2006, 08:06:01 PM »
I would hate to be the one when the $%it rolled down hill over one keystroke error!
Logged
A+, Net+, MCP, CEH
MCSE: Security/Messaging
MCSA: Security/Messaging
Former U.S. Marine and damn proud of it!
Oyle
Moderator
Sr. Member
Offline
Posts: 264
"Man. Nature. Technology".
Re: CEH Study Group -- Module 20: Buffer Overflows
«
Reply #3 on:
May 25, 2006, 08:22:57 AM »
Yeah, good thing the FAA doesn't have jurisdiction over Mexico, hunh? Of course, we don't know if that Mexican controller was working in an American control tower or not....
Meant to post more in that post, but didn't have time for it. I'll get to it later....
Logged
MCP, MCP+I, MCSA, MCSE(NT4/W2K), CCNA, CCA, NWCCC, VH-PIRTS, CEH
--------------------
"hackers are like jedi, crackers are like the sith: do not fall prey to the dark side".
From 1337 h4x0r h4ndb00k: "the ten laws of geek", law x
-Tapeworm
Oyle
Moderator
Sr. Member
Offline
Posts: 264
"Man. Nature. Technology".
Re: CEH Study Group -- Module 20: Buffer Overflows
«
Reply #4 on:
May 25, 2006, 03:10:38 PM »
Lesson continues from above....
Buffer Overflow vulnerabilities infest the IT (Information Technology
duh...
)
environment more often than other vulnerabilites because it has little to do with security, inherently; the vulnerabilites occur mainly because of human error, which is difficult to detect, and not often anticipated in the first place.
Here's an example: Suppose you want to tell a co-worker something important. When you finally get the opportunity, you "zone out", and forget wehat it is you wanted to tell him/her. Maybe you were distracted by a previous conversation with someone else. This is a simple form of a Buffer Overflow. You wanted to relay a message, which would have formed the basis for future decisions. But a disruption in your planned series of events prevented it from occuring. See the connection???
Significance of Buffer Overflow Vulnerability....
Reference the above example of the Mexican air controller....
In the field of IT, such behaviour can result in serious trouble, as in the case of the Mexican air controller.
A buffer overflow occurs when a program or process tries to store more data in a buffer (a temporary storage area in RAM) than it was intended to hold. Buffers are created to hold a finite amount of data, so the extra information has to be moved elsewhere, and can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.
Consider the following snippet of C++ code:
#include <stdio.h>
int main ( )
[
char name[31];
printf ( Please type your name: ");
gets(name);
printf("Hello, %s", name);
return D;
]
A Buffer Overflow will occur if you enter:
'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'
«
Last Edit: May 25, 2006, 03:32:06 PM by Oyle
»
Logged
MCP, MCP+I, MCSA, MCSE(NT4/W2K), CCNA, CCA, NWCCC, VH-PIRTS, CEH
--------------------
"hackers are like jedi, crackers are like the sith: do not fall prey to the dark side".
From 1337 h4x0r h4ndb00k: "the ten laws of geek", law x
-Tapeworm
Pages: [
1
]
Go Up
Print
« previous
next »
Jump to:
Please select a destination:
-----------------------------
EH-Net
-----------------------------
=> Special Events
=> Calendar Of Events
===> ChicagoCon 2007
===> ChicagoCon 2008s
===> ChicagoCon 2008f
===> ChicagoCon 2009
=> News Items and General Discussion About EH-Net
-----------------------------
Ethical Hacking Discussions and Related Certifications
-----------------------------
=> Certification
===> The Charter Study Group - Pen Test
=> Network Pen Testing
===> CEH - Certified Ethical Hacker
=====> CEH - Official Course Modules v4
=====> CEH - Official Course Modules v5
=====> CEH - Official Course Modules v6
===> CPTS - Certified Pen Testing Specialist
=====> CPTS - Official Course Modules v5
===> CPTE - Certified Pen Testing Expert
=====> CPTE - Official Course Modules v1
===> ECSA - EC-Council Certified Security Analyst
=====> ECSA - Official Course Modules v1.2
=====> ECSA / LPT - Official Course Modules v3
===> OSCP - Offensive Security Certified Professional
===> GPEN - GIAC Certified Penetration Tester
=> Forensics
===> CCE / MCCE - (Master) Certified Computer Examiner
===> CHFI - Computer Hacking Forensic Investigator
=====> CHFI - Official Course Modules v2
===> EnCE - EnCase® Certified Examiner
=> Incident Response
===> CSIH - Computer Security Incident Handler
===> GCIH - GIAC Certified Incident Handler
=> Hardware
=> Malware
=> Physical Security
=> Programming
=> Social Engineering
=> Web Applications
=> Wireless
===> CWNP Certs
===> GAWN - GIAC Assessing Wireless Networks
===> OSWP - Offensive Security Wireless Professional
=> Other
-----------------------------
Columns
-----------------------------
=> Editor-In-Chief
=> Gates
=> Heffner
=> Hoffman
=> RichM
=> Murray
=> J. Peltier
=> Wilson
-----------------------------
Features
-----------------------------
=> /root
=> Book Reviews
=> Opinions
=> Skillz
===> Examples
===> May 06 - Star Hacks, Episode V: The Empire Hacks Back
===> July 06 - Hack Bill!
===> Sept 06 - Netcat in the Hat
===> Nov 06 - Hitch-Hackers Guide to the Galaxy
===> Dec 06 - A Christmas (Hacking) Story
===> Feb 07 - Charlottes Web Site
===> April 07 - Microsoft Office Space
===> June 07 - Serenity Hack
===> Oct 07 - Worst. Ethical. Hacker. Challenge. Ever.
===> Dec 07 - Frosty the Snow Crash
===> March 2008 - It Happened One Friday
===> Oct 2008 - Scooby Doo and the Crypto Caper
===> Dec 08 - Santa Claus Is Hacking to Town
-----------------------------
Resources
-----------------------------
=> Career Central
===> Looking For Work
===> Looking To Hire
=> Links to cool sites.
=> Mass Media
=> News from the Outside World
=> Tools
=> Tutorials
Loading...
Sponsors
Polls
How many security events including conferences and training do you attend a year:
1 - 2
3 - 4
5 - 6
7+
None - But want to
None - Choose not to
Support EH-Net
Support EH-Net by
Buying all of your
Amazon items using
the search bar above.
Try CBT Nuggets Free!
Recent Forum Topics
Wireless
: Wait for newer adaptors or just get an alfa?
(0) by
nap191
Other
: Windows 7 Beta Available Tomorrow
(7) by
NickFnord
Wireless
: WEP cracking, how to ping router?
(2) by
duffman984
Oct 2008 - Scooby Doo and the Crypto Caper
: Skillz October 08 Winning Entry - Creative
(2) by
rforsythe
Book Reviews
: Need a book suggestion!
(5) by
unicityd
OSCP - Offensive Security Certified Professional
: Offensive Security Releases Sample Pen Testing Report
(2) by
Chan
Web Applications
: Determine URL from IP address
(3) by
scottr
Malware
: uninstall trend mciro officescan clients
(2) by
Hack_80
Other
: openSUSE 11.1 Released
(0) by
don
Other
: Insanity?
(5) by
jason
Other
: Fedora Hits the 10 Spot
(0) by
don
Other
: FreeBSD 7.1 Released
(0) by
don
OSCP - Offensive Security Certified Professional
: Next Up OSCP101 v2.0
(39) by
don
Tools
: Core Impact Essentials
(0) by
sgt_mjc
News from the Outside World
: Google branching out a little further...
(3) by
jason
Physical Security
: Magnetic stripe card spoofing
(5) by
jason
Gates
: Oracle version module for metasploit
(3) by
RoleReversal
Malware
: THe website is Evil but what to do??
(3) by
NickFnord
CEH - Certified Ethical Hacker
: Helow... help some tutorials...
(7) by
K3lV1n
CEH - Certified Ethical Hacker
: CEH is a scam
(20) by
K3lV1n
Mass Media
: Daniel Suarez Interview
(9) by
blackazarro
Malware
: Security Forecast for 2009
(5) by
jason
News from the Outside World
: Is this acceptable?
(9) by
jason
Wireless
: Wireless Pen Testing Cards
(6) by
jason
Oct 2008 - Scooby Doo and the Crypto Caper
: Skillz October 08 Winning Entry - Technical
(1) by
jason
Book Reviews
: [Article]-Mitnick - The Art Of Intrusion: Ch 1 - Hacking The Casinos For A Million Bu...
(5) by
jason
Links to cool sites.
: Free Computer Engineering Classes From Stanford
(3) by
jason
Oct 2008 - Scooby Doo and the Crypto Caper
: [Article]-Scooby Doo and the Crypto Caper - Answers and Winners
(2) by
jason
News Items and General Discussion About EH-Net
: [Article]-Jan 2009 Free Giveaway Sponsor - Black Hat DC
(1) by
jason
News Items and General Discussion About EH-Net
: EH-Net Milestone - 2 Articles Cross 1 Million Page Views
(3) by
BillV
Other
: What kind of lab, machines you have for your security testing?
(12) by
charlottebandit
Malware
: Network Virus Problem
(9) by
RoleReversal
Wireless
: WUSB600N good usb ?
(2) by
nap191
Other
: FBI code cracking challenge
(3) by
jimbob
Calendar Of Events
: RSA 2009
(0) by
don
Forensics
: Network Forensic tools/practice/techniques
(2) by
jimbob
Malware
: Autoplay when i try to open the drive.
(4) by
jimbob
CEH - Certified Ethical Hacker
: Any Practice Environment for learning tool for CEH?
(15) by
don
Wireless
: a petri-dish bridge
(2) by
don
CEH - Certified Ethical Hacker
: TFTP Tranfer time out
(5) by
jason
Vote For EH-Net
progenic.com
binarica.com
technorati fave
Privacy Notice
for TDCC & All Properties
© 2009 The Ethical Hacker Network
Joomla!
is Free Software released under the GNU/GPL License.
Wireless : Wait for newer adaptors or just get an alfa?
