Follow us on Twitter!
The measure of a mans life is not how well he dies, but how well he lives.
Friday, April 25, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 20
Guests Online: 20
Members Online: 0

Registered Members: 82908
Newest Member: krishna7799
Latest Articles
View Thread

HellBound Hackers | Computer General | Hacking in general

Author

Buffer Overflow Information


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 27-03-08 02:21
Hi,

I'm looking for information on buffer overflows. I've learnt what it is, but I cant seem to find out how to use one. I've tried google and just found confusing code and stuff I do not understand. If anyone knows of a tutorial or article were I could get some good information on how to perform a buffer over flow, the different types of buffer overflows, or anything that would be useful, it would be greatly appreciated.

Thanks, ahead of time


Author

RE: Buffer Overflow Information


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 27-03-08 02:36
Overwriting the buffer with enough data to crash it, then inserting your own string such as shell code.

Anyways, this is an extremely annoying way to go about things in more complex applications, your best bet is to learn programming and exploits pertaining to overflows and their dangers.

Myself I haven't gone into them very deep, but I'm sure someone here has


Author

RE: Buffer Overflow Information

Mb0742
Member



Posts: 198
Location:
Joined: 26.11.07
Rank:
Apprentice
Posted on 27-03-08 02:57
goto milw0rm.com and at the bottom there is a video on 'classic buffer overflow'


Mb
javascript:alert("hi")
Author

RE: Buffer Overflow Information


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 27-03-08 02:57
it fills memory until you are at "sensitive" portion of memory, where computer runs it as root, and overwrite such portion of memory with you own shellcode, mainly code that force computer to surrender root privilege.

obviously it's not easy.... now if you wanna do heap overflow it's get even more nasty....



now if you don't know C++, C, Assembly or any other low language....

don't even bother....

otherwise PM me about it and i will send you link to a very good website where it illustrates logically....




Edited by on 27-03-08 03:00
Author

RE: Buffer Overflow Information


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 27-03-08 02:59
For a wile, I was just ignoring buffer overflows. But they seem to be popping up every-were on my vulnerability scanners, so I finally decided to pay attention to them. That's why I'm looking for information.


Author

RE: Buffer Overflow Information


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 27-03-08 03:01
Mb0742 wrote:
goto milw0rm.com and at the bottom there is a video on 'classic buffer overflow'


I thought about trying Milw0rm, but I thought they would just have more confusing code. Videos dont work on my current computer,but ill be sure to check that out later.




Author

RE: Buffer Overflow Information

Mb0742
Member



Posts: 198
Location:
Joined: 26.11.07
Rank:
Apprentice
Posted on 27-03-08 03:01
Wait what? So If I'm not root I can just whip up a program and overflow it to become root?


Mb
javascript:alert("hi")
Author

RE: Buffer Overflow Information


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 27-03-08 03:03
Mb0742 wrote:
Wait what? So If I'm not root I can just whip up a program and overflow it to become root?


yes, that what usually means when "hackers" says buffer overflow....

now when software guys says it, it mean something else similar....




Edited by on 27-03-08 03:04
Author

RE: Buffer Overflow Information


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 27-03-08 03:05
alka wrote:
now if you don't know C++, C, Assembly or any other low language....

don't even bother....

otherwise PM me about it and i will send you link to a very good website where it illustrates logically....


Well, I have been web hacking for a wile, but I havn't much programming experience. If its out of my league to learn about this stuff then I think i'll take alka's advice and not look too heavily into it. Ill still look into any advice you guys got, no point in letting it go to waste.


Author

RE: Buffer Overflow Information

Mb0742
Member



Posts: 198
Location:
Joined: 26.11.07
Rank:
Apprentice
Posted on 27-03-08 03:07
alka can I have that link you told the OP about?


Mb
javascript:alert("hi")
Author

RE: Buffer Overflow Information


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 27-03-08 03:09
Slash0Drive wrote:
alka wrote:
now if you don't know C++, C, Assembly or any other low language....

don't even bother....

otherwise PM me about it and i will send you link to a very good website where it illustrates logically....


Well, I have been web hacking for a wile, but I havn't much programming experience. If its out of my league to learn about this stuff then I think i'll take alka's advice and not look too heavily into it. Ill still look into any advice you guys got, no point in letting it go to waste.


i think it's better to keep such concept at back of your head and start studying again when you have sufficient knowledge with proper language to perform such task....


Author

RE: Buffer Overflow Information


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 27-03-08 03:12
alka:

Srry, i meant to add it i was going to do that 2




Author

RE: Buffer Overflow Information

richohealey
Member



Posts: 1022
Location: #!/usr/local/bin/python
Joined: 01.05.06
Rank:
Monster
Posted on 27-03-08 08:09
Lemur wrote:
Overwriting the buffer with enough data to crash it, then inserting your own string such as shell code.

Anyways, this is an extremely annoying way to go about things in more complex applications, your best bet is to learn programming and exploits pertaining to overflows and their dangers.

Myself I haven't gone into them very deep, but I'm sure someone here has


The fuck?

And also, no you have to find an overflow in an application that's running as root, or in the kernel itself.

Provided you're running a reasonably recent Nix based OS then address space is pretty tightly guarded, crossing nto another applications memeory is about impossible, the kernel itself stops you from doing that.,


bitchohealey at hotmail dot com skype:richohealey www.psych0tik.net