  1. #1
    Banned
    Join Date
    Jul 2009
    Posts
    52
    Thanks
    10
    Thanked 4 Times in 4 Posts

    What is a stack overflow

    I want to understand stack overflows, and maybe get to grips with what a stack overflow in regex and perhaps other areas of perl and linux (and anything else) would be, where this can go on, how someone might make it happen on purpose (for I gather it is a mainstream method for hacking various software/systems).

    My research is hampered by some "cool" mainstream technology media-site with the name "Stack Overflow" - I'm just jealous that I didn't get there first.

    Stack overflows and salsa dip anyone? Or perhaps you'll just have doritos?
    Last edited by RabidMango; 07-21-2009 at 02:58 AM.

  • #2
    Senior Coder
    Join Date
    Mar 2006
    Posts
    1,274
    Thanks
    2
    Thanked 39 Times in 38 Posts

  • #3
    Banned
    Join Date
    Jul 2009
    Posts
    52
    Thanks
    10
    Thanked 4 Times in 4 Posts
    Cheers, I shall get stuck in. I'm building security systems for myself, in case you are wondering... not planning to hack anyone.

    My recent spate of programming self-training came about after Korean hackers came to my attention breaching my SSH (which I have naturally patched up now). There were hackers from about a dozen or so countries trying to do it - even now, after I have fixed it, there are more of the muthas coming in and trying it on, but they aren't getting anywhere and I'm successfully capturing lots of their IP addresses all the while.

    My biggest concern is that I don't know what a stack overflow is although I gather from some bright people that it is a thing which hackers can use to send unwanted commands to my machine.

    If the affected program is running with special privileges, or accepts data from untrusted network hosts (e.g. a webserver) then the bug is a potential security vulnerability. If the stack buffer is filled with data supplied from an untrusted user then that user can corrupt the stack in such a way as to inject executable code into the running program and take control of the process. This is one of the oldest and more reliable methods for black hats to gain unauthorized access to a computer.
    Last edited by RabidMango; 07-21-2009 at 02:07 PM.
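
Added example, not part of any post in this thread: a memory-safe C model of the stack corruption described in the passage quoted in post #3, with the length check that prevents it. The 16-byte buffer, the 8-byte "saved return address" placed directly after it, and the marker value are constructed assumptions; real frame layouts depend on the compiler and platform.

```c
#include <stdio.h>
#include <string.h>
#define BUF_SIZE   16                     /* the local buffer */
#define RET_SIZE   8                      /* modelled saved return address */
#define FRAME_SIZE (BUF_SIZE + RET_SIZE)
#define RET_FILL   0x11                   /* constructed marker value */

/* Reset the modelled frame: empty buffer, known return-address bytes. */
static void frame_init(unsigned char *frame) {
    memset(frame, 0, BUF_SIZE);
    memset(frame + BUF_SIZE, RET_FILL, RET_SIZE);
}

/* 1 if the modelled return address still holds its original bytes. */
static int ret_intact(const unsigned char *frame) {
    for (size_t i = 0; i < RET_SIZE; i++)
        if (frame[BUF_SIZE + i] != RET_FILL) return 0;
    return 1;
}

/* The bug: the sender's length is trusted and never compared with BUF_SIZE.
   (Clamped to FRAME_SIZE only so this model stays inside its own array.) */
static void unchecked_copy(unsigned char *frame, const unsigned char *in, size_t n) {
    if (n > FRAME_SIZE) n = FRAME_SIZE;
    memcpy(frame, in, n);
}

/* The fix: refuse input that does not fit the buffer. Returns 0 or -1. */
static int checked_copy(unsigned char *frame, const unsigned char *in, size_t n) {
    if (n > BUF_SIZE) return -1;
    memcpy(frame, in, n);
    return 0;
}

/* Runs one copy against a fresh frame; returns 1 if the return address survived. */
static int survives(int use_check, size_t n) {
    unsigned char frame[FRAME_SIZE], input[FRAME_SIZE];
    memset(input, 'A', sizeof input);     /* constructed sample input */
    frame_init(frame);
    if (use_check) checked_copy(frame, input, n);
    else           unchecked_copy(frame, input, n);
    return ret_intact(frame);
}

int main(void) {
    printf("unchecked, 12 bytes: intact=%d\n", survives(0, 12));
    printf("unchecked, 24 bytes: intact=%d\n", survives(0, 24));
    printf("checked,   24 bytes: intact=%d\n", survives(1, 24));
    return 0;
}
```

Input that fits the buffer leaves the neighbouring bytes alone; one byte past `BUF_SIZE` is enough for the unchecked copy to start changing them, which is the corruption the quoted passage refers to.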

  • #4
    Senior Coder
    Join Date
    Mar 2006
    Posts
    1,274
    Thanks
    2
    Thanked 39 Times in 38 Posts
    Well, I know what a stack overflow is only by reading about it. How a hacker can use a specific "tool" to hack a website or computer is not something I have any experience or knowledge of.

  • #5
    Banned
    Join Date
    Jul 2009
    Posts
    52
    Thanks
    10
    Thanked 4 Times in 4 Posts
    When I figure out what it is and how it actually works, I'll let you know.

    I still don't know how the successful breaches of my server happened but I do know they were running lots of perl (obviously trying to send mail, although my server thought they were intruders and didn't let them send it, as far as I can see) (even though they got very far in and had root control over the /bin/sh command) and one theory put forward by one of the sharper people assisting me was that it could be a stack overflow attack.

    I've just downloaded this:
    http://www.isg.rhul.ac.uk/files/Stack%20Overflow.pdf
    and that clearly helps clarify what this problem is.

    This bit suggests that if you can understand that pdf you can understand what the situation is (although apparently salient information is withheld, but I'll keep looking)...
    "Some experimentation leads to the choice of a 32-byte long NOP landing pad, a start address pointing to a location 48 bytes above the estimated stack pointer address, and 20 repetitions of this start address at the end (to overwrite the return value), which successfully starts the /bin/sh command as root."
    It remains possible (though I don't know the probability) that the successful root control the hacker had over perl on my server was yielded to that hacker by means of this method of using stack overflow to send stuff to /bin/sh command as root. Actually the real cause of the attack for me was that my openssh was vulnerable. How it was vulnerable I do not know - I was too busy getting a "nonvulnerable" one! But maybe its vulnerability was related to stack overflows... I didn't read much about it, maybe I should have done. But you know how it is - I was too busy writing code to block half a dozen countries from my server since they don't actually supply me with any profit but apparently do send me lots of spammers and "hackers" (although "crackers" is the more correct technical term for the people illegally breaching my machine).

    I can see brute-force attacks in progress on my server often, but I don't believe the people who got in successfully brute-forced their way in. It's too unlikely compared to the stack overflow theory.

    When I can write a lay explanation of how it works I'll come back and share it. The more people understand it, the more easily we can put up proper security against it (other than just very careful programming, which may presumably be incapable of preventing it anyway). But first I will spend as long as it takes (could be a long time!) to figure out what in hell it actually means. Looks very juicy to me, though.
    Last edited by RabidMango; 07-21-2009 at 08:37 PM.

