Join facebook group THE HACKER DEVIL
Buffer Overflow | The Basics
Hi, welcome back to Devils Blog On Security, in this post we'll discus some basics about buffer overflows also known as buffer overruns. So before we discus what is buffer overflow or buffer overrun is we will have a look on what exactly is buffer. Computer stores information in form of bits, for example if you want to store number 3 in computer's memory it will be stored in its binary form which is 11, as you can see 11 will require 2 bits to get stored in memory that indirectly means the number 3 will require 2 bits of computer memory or 2 bits of buffer. In simple words buffer is amount of memory allocated for particular variable or element.
Now consider the name of space where number 3 is stored is ' x ' that means total capacity of ' x ' is 2 bits. It can easily store number 0,1,2,3 in it. Now suppose we want to replace 3 by 4 in allocated memory x. Number 4 can be denoted as 100 in binary which actually requires 3 bits for memory allocation and hence when you'll try to stuff 3 bits of information in 2 bits of memory space the program will end up giving error prone and unwanted output which is in other terms known as buffer overflow and the act of manipulating this unwanted output for benefit is known as buffer overflow attack.
Lets take a funny example to explain above technical stuff in easy manner. Consider a person Rajan is capable of eating 10 apples and he eats 15. 10 apples can be considered as buffer capacity of Rajan and since he ate 15 apples Rajan will end up with unwanted output as indigestion and acidity.
Buffer overflow problems are not easy to discover, even if they are discovered they aren't that easy to exploit even for a programmer with more than 6 to 10 years of experience in programming (unless his job was to write exploit as a programmer). Buffer overrun problems are found in web based applications like, web browsers, ftp browsers, web servers, IRC clients, network based applications etc where C, C++ or similar high level programing language is used which is capable of dynamic memory allocation.
To create an exploit for buffer overrun an attacker needs source code and output of program and in very few cases any one of them. It is practically impossible to create an buffer overflow exploit without above information and hence only experienced programmers are capable of building exploits since they are capable of understanding even complex pieces of source codes.
I hope above basics is okay for now, in future post we will cover its types, how it works and how to code and write basic and advanced buffer overflow exploits, thanks for reading have a nice time.