
Question

A word-processing program being used by Alice has an overflow vulnerability; that is, this program uses gets(buffer) to read a string into a small buffer that is on the stack. Bob sends Alice a file (via e-mail) that Alice opens using this word processor (and since Bob takes advantage of the vulnerability, the word processor gets a buffer overflow attack performed).

A] What is the simplest method to implant some malware using this buffer overflow on the victim’s machine?

B] What makes it difficult to download a binary program using the simple method in [1]?

C] What is the better method (instead of injecting a binary) to place a program on Alice’s machine that will run, probably in perpetuity?

Explanation / Answer

a)

The simplest method to implant malware is using buffer overflow, which is to create a bigger file and send it to Alice. Since the size of the file is big, it will cause a buffer overflow. Once the overflow is done, we can insert malware into the file and the same can be implanted on the machine.

b)

Binary programs are usually compressed and can sometimes be translated to plain text, so it is better to inject the program which can be executed on the machine rather than sending the binary directly.

c)

The better approach is to send a bigger file which can cause a stack overflow. This will cause the function return handler to be corrupted, and we can change the return pointer so that it points to code in the file itself which is malicious. This way the attack can be done easily and securely.
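The root cause named in the question, gets(buffer) writing an unbounded line into a small stack buffer, is removed by a bounded read that rejects over-long input. This is an added example, not part of the original question or answer; the function names, return codes and the 16-byte buffer size are assumptions.

```c
#include <stdio.h>
#include <string.h>

#define BUF_CAP 16 /* assumed size of the small stack buffer */

enum { LINE_OK = 0, LINE_EOF = -1, LINE_TOO_LONG = -2 };

/* Bounded replacement for gets(buf): writes at most cap bytes into buf.
 * An over-long line is drained and rejected rather than silently truncated. */
int read_line_bounded(FILE *in, char *buf, size_t cap)
{
    if (cap == 0 || fgets(buf, (int)cap, in) == NULL)
        return LINE_EOF;
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {  /* whole line fit */
        buf[len - 1] = '\0';
        return LINE_OK;
    }
    if (len < cap - 1)                      /* last line, ended by EOF */
        return LINE_OK;
    int c = fgetc(in);                      /* buffer is full: peek ahead */
    if (c == EOF || c == '\n')
        return LINE_OK;                     /* exact fit */
    while ((c = fgetc(in)) != EOF && c != '\n')
        ;                                   /* discard the rest of the line */
    buf[0] = '\0';                          /* never hand back partial data */
    return LINE_TOO_LONG;
}

/* Hypothetical helper: run constructed file contents through the reader. */
int check_document(const char *data, char *out, size_t cap)
{
    FILE *f = tmpfile();
    if (f == NULL)
        return LINE_EOF;
    fputs(data, f);
    rewind(f);
    int rc = read_line_bounded(f, out, cap);
    fclose(f);
    return rc;
}

int main(void)
{
    char buffer[BUF_CAP];
    /* Constructed inputs: one short line, one far longer than the buffer. */
    printf("%d\n", check_document("Dear Alice\n", buffer, sizeof buffer));
    printf("%d\n", check_document("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n", buffer, sizeof buffer));
    return 0;
}
```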
