Buffer Overflow
(OBJ 2.3 & 2.4)
Buffer Overflow Attack
- Occurs when a process writes data outside the memory range the developer allocated for it
- Buffer: a temporary storage area where a program holds data while it works on it
- Common initial attack vector in data breaches
    - 85% of data breaches used buffer overflow as the initial vector
- Attackers exploit the excess data written beyond the buffer boundary to manipulate program execution
Phone number area code overflow example
![Phone number area code overflow example](/CAP/Security+/Visual%20Aids/Pasted%20image%2020250713235855.png)
Buffers
- Temporary storage areas used by programs to hold data
- They have a defined memory capacity, just like a glass holding a limited amount of water
- Overflowing a buffer spills data into adjacent memory locations, corrupting whatever lives there (other variables, the saved frame pointer, the return address) and causing unintended behavior
Technical Aspects
- Stack
    - Programs have a reserved memory area called the stack that holds local variables, function arguments and return addresses during processing
    - The stack is organized last in, first out (LIFO): the most recently pushed data is the first popped
    - When a function is called, the return address (where execution resumes after the function finishes) is pushed onto the stack, next to the function's local buffers
    - Attackers aim to overwrite that return address with the address of their malicious code
How data is stored in your computer
![How data is stored in your computer](/CAP/Security+/Visual%20Aids/Pasted%20image%2020250713235949.png)
- When the function returns, the CPU jumps to the attacker's address instead of the legitimate one; if the injected code spawns a shell, the attacker gets a command prompt on the victim system and can execute commands remotely (remote code execution)
Smashing the Stack
- Attackers aim to overwrite the return address with a pointer to their malicious code
- When the legitimate program returns through the modified return address, it runs the attacker's code instead of continuing normally
- This gives attackers a command prompt on the victim's system and therefore remote code execution
NOP Slide
- Attackers fill the start of their payload with NOP (No-Operation) instructions
- A NOP instruction tells the processor to do nothing and move on to the next instruction (0x90 on x86)
- The overwritten return address only has to land somewhere inside the block of NOPs: execution slides down the NOPs until it reaches the attacker's code, so the attacker's guess of the buffer's address does not have to be exact
![NOP slide](/CAP/Security+/Visual%20Aids/Pasted%20image%2020250714000203.png)
- The final return pointer directs execution to the attacker's code
Mitigations against Buffer Overflow Attack
- Address Space Layout Randomization (ASLR)
    - Helps prevent attackers from guessing the address to place in the overwritten return pointer
    - Randomizes the base addresses of a process's stack, heap and loaded libraries each time it runs, so the location of the attacker's injected code (or of existing code they could reuse) cannot be predicted in advance
    - Used since Windows Vista; Linux and macOS have equivalent protections
    - Does not stop the overflow itself, so it is combined with other protections such as stack canaries and non-executable (DEP/NX) memory
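The following is an added worked example, not code from these notes or from any course material. It ties together the stack smash, the NOP slide and the ASLR point above with a small C model: a struct stands in for one stack frame (an 8-byte local buffer with the saved return address directly above it), an unchecked copy overwrites that return address while a bounds-checked copy refuses the input, a NOP-padded payload shows why an inexact landing address still reaches the attacker's code, and a final check shows a fixed guessed address missing once the payload's base has been moved. The frame layout, the `SAFE_RET` placeholder, the `'BBBB'` stand-in for shellcode and the addresses `0xbffff100`/`0xbffff108` are all constructed for the demo; a real frame also holds the saved frame pointer and other locals, and writing past a real buffer is undefined behaviour rather than the deterministic corruption modelled here.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of one stack frame: a local buffer with the saved
   return address immediately above it. A struct field plays the role of
   "adjacent memory" so the overwrite is observable deterministically. */
struct frame {
    char     buf[8];      /* local buffer, e.g. a phone number field */
    uint32_t saved_ret;   /* stands in for the saved return address */
};

#define SAFE_RET 0x08048000u   /* placeholder legitimate return address */
#define NOP      0x90          /* x86 one-byte no-operation opcode */

/* Vulnerable copy: len is never checked against sizeof buf. Copying through
   the whole frame models strcpy()/gets() running off the end of buf into
   the return address above it ("smashing the stack"). The demo keeps
   len <= sizeof *f; a real program would simply keep writing and crash. */
static void copy_unsafe(struct frame *f, const unsigned char *src, size_t len)
{
    memcpy(f, src, len);
}

/* Hardened copy: refuse input that does not fit together with its NUL. */
static int copy_safe(struct frame *f, const unsigned char *src, size_t len)
{
    if (len >= sizeof f->buf)
        return -1;                 /* would overflow: reject, frame untouched */
    memcpy(f->buf, src, len);
    f->buf[len] = '\0';
    return 0;
}

/* Attacker input of 12 bytes: 8 bytes of filler exactly fill buf, the next
   4 bytes land on saved_ret. Returns saved_ret after the chosen copy and
   stores copy_safe()'s return code in *rc (0 on the unsafe path). */
static uint32_t overflow_demo(int safe, int *rc)
{
    struct frame f = { "212", SAFE_RET };   /* frame holding a valid area code */
    unsigned char input[12];
    memset(input, 'A', 8);
    memset(input + 8, 'B', 4);              /* 'BBBB' = 0x42424242 in any byte order */
    *rc = 0;
    if (safe)
        *rc = copy_safe(&f, input, sizeof input);
    else
        copy_unsafe(&f, input, sizeof input);
    return f.saved_ret;
}

/* Build a payload of sled_len NOPs followed by the code.
   Returns the total length, or 0 if it does not fit in out. */
static size_t build_sled_payload(unsigned char *out, size_t out_cap, size_t sled_len,
                                 const unsigned char *code, size_t code_len)
{
    if (sled_len + code_len > out_cap)
        return 0;
    memset(out, NOP, sled_len);
    memcpy(out + sled_len, code, code_len);
    return sled_len + code_len;
}

/* Simulate execution arriving at offset `entry` in the payload: each NOP
   does nothing, so the program counter advances to the first non-NOP byte.
   Returns the offset execution reaches, or -1 if it ran off the end. */
static long sled_land(const unsigned char *payload, size_t len, size_t entry)
{
    size_t pc = entry;
    while (pc < len && payload[pc] == NOP)
        pc++;
    return pc < len ? (long)pc : -1;
}

/* Does a fixed guessed address still fall inside the sled once the payload's
   base has moved? Without ASLR the base repeats every run; with ASLR it
   shifts by far more than a sled that fits in a small buffer can absorb. */
static int guess_hits(uint32_t guess, uint32_t payload_base, size_t sled_len)
{
    return guess >= payload_base && guess <= payload_base + sled_len;
}

int main(void)
{
    int rc;
    printf("unsafe copy: saved return address = 0x%08x\n", overflow_demo(0, &rc));
    uint32_t ret = overflow_demo(1, &rc);
    printf("safe copy:   rc=%d, saved return address = 0x%08x\n", rc, ret);

    unsigned char code[4] = { 'B', 'B', 'B', 'B' };   /* stand-in for shellcode */
    unsigned char payload[16];
    size_t n = build_sled_payload(payload, sizeof payload, 12, code, sizeof code);
    for (size_t entry = 0; entry < n; entry += 4)
        printf("land at offset %2zu -> execute from offset %ld\n",
               entry, sled_land(payload, n, entry));

    uint32_t guess = 0xbffff108u, base = 0xbffff100u;   /* constructed addresses */
    printf("fixed guess, same base:    %s\n", guess_hits(guess, base, 12) ? "hit" : "miss");
    printf("fixed guess, base+0x1000:  %s\n", guess_hits(guess, base + 0x1000u, 12) ? "hit" : "miss");
    return 0;
}
```

The unsafe path leaves the saved return address reading 0x42424242, i.e. fully attacker-chosen, while the checked path returns -1 and leaves it at the placeholder. Any landing offset from 0 through 12 slides to offset 12, the start of the stand-in code, which is the whole point of the sled; shifting the base by a page turns the same guess into a miss, which is what ASLR buys.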