Diving Deeper - Threats and Vulnerabilities Domain (Buffer Overflows)

A free video tutorial from Chad Russell

Lecture description

This is an excerpt on 'Buffer Overflows' from the 'Security+ Certification Training Course' which you will learn more about in the next 'Bonus Lesson' below.  


As Security Practitioners it's important to understand how to exploit and secure computer programs.  In this example I'll show you what makes programs insecure and how to address it.   

Learn more from the full course

Intro to Cyber Security Certification - Security+ Boot Camp

Get a brief introduction to the Cyber Security Industry and Security+ Certification

01:12:29 of on-demand video • Updated July 2016

  • Plan a career in the Cyber Security Industry
  • Get insight into the 'Six Domains' covered in the Security+ Exam
  • Obtain Cyber Security experience and build up your resume
  • Take the next step and prepare for in-depth Security+ training
In this section we're going to look at a sample C program, identify how it's structured, walk through the vulnerabilities of the application and then exploit the application. So let's go ahead and take a look. Here we have a buffer overflow .c program; we'll go ahead and open that up with nano. OK.

So we've got our standard I/O includes and string includes, etc., and in our main function you can see that we've set up a variable, well really an array, of type character, and we've set the length of the array to 15. And so we've also set another variable, which is the pass variable of type integer, to the value of 0. So in this program what we're going to do is prompt the user via the print function to enter a password; you can still use the gets function. It will then do a string comparison: we're going to compare the contents of the buffer to the password, which I hardcoded here as being web of security, and if they don't match then we'll say that's not the right password. So go back, give them an option to put in the correct password, then we'll set it to one and then give them root privileges.

So really what we're trying to illustrate in this little sample C program is what happens when the array is overloaded. OK, so now the gets function is admittedly a deprecated function within C, and the compiler is going to give you errors, and that's fine, but it allows us to go in and kind of illustrate what happens when we overflow a buffer.

All right, so let's go and close this out. I have already compiled this, and run the compiled program. All right, so our program is asking us for a password. I'm going to go ahead and enter the correct one, as it was designed, just so we can make sure that it's functioning properly. OK, great. It said that we have root privileges, which really doesn't mean anything in the context of this program.

But what happens if we run this and, remember, this array of 15 characters is the construct that's been set up to accept our input, and what happens if we put in more than 15 characters and press ENTER? Well. So the runtime caught it, right, but it killed the program. So it detected that we were trying to smash the stack, and we indeed were trying to smash the stack, and the program was terminated.

So this is an example of a poorly written program from a buffer overflow standpoint. When it comes to buffer overflows, what we're looking for in best practices, you know, is to make sure that we're doing input validation and parameter checking. Now in C that's extremely important; in some languages that are safe it's not quite as important. For instance, Java handles these things automatically.
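The closing advice about input validation and parameter checking in C, as an added example that is not code from the lecture or the course: a bounded replacement for the `gets` read into the 15-character array, which rejects over-long input instead of letting it overwrite the stack. The password constant, the function names and the `stream_from` helper are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#define BUF_LEN  15                  /* same array length as in the lecture */
#define PASSWORD "examplepass123"    /* constructed placeholder, 14 chars + NUL */

/* Read one line into buf, never writing more than size bytes. Returns 0 on
 * success, -1 on EOF/error, -2 if the line was too long (excess is drained). */
int read_line(FILE *in, char *buf, size_t size)
{
    if (in == NULL || fgets(buf, (int)size, in) == NULL)
        return -1;
    size_t len = strcspn(buf, "\n");
    if (buf[len] == '\n') {          /* the whole line fit, newline included */
        buf[len] = '\0';
        return 0;
    }
    int c = fgetc(in);               /* no newline stored: peek at what follows */
    if (c == EOF || c == '\n')
        return 0;                    /* line ended exactly at the buffer limit */
    while (c != EOF && c != '\n')    /* over-long input: discard the remainder */
        c = fgetc(in);
    buf[0] = '\0';
    return -2;
}

/* Returns 1 only when a complete, in-bounds line equals PASSWORD. */
int authenticate(FILE *in)
{
    char buff[BUF_LEN];
    int pass = 0;
    if (read_line(in, buff, sizeof buff) == 0 && strcmp(buff, PASSWORD) == 0)
        pass = 1;
    return pass;
}

/* Hypothetical helper: wrap a constructed input string in a stream. */
FILE *stream_from(const char *s)
{
    FILE *f = tmpfile();
    if (f != NULL) { fputs(s, f); rewind(f); }
    return f;
}

int main(void)
{
    puts("Enter the password:");
    puts(authenticate(stdin) ? "Access granted" : "Wrong password");
    return 0;
}
```

Because `fgets` is given the buffer size, input longer than the array is refused as a whole line rather than truncated and compared, so a long string that merely starts with the password does not authenticate.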