Scribd Logo
Upload

Welcome to Scribd!

  • 7 views

    Hijacking M

    Uploaded by

    ginni awasthi
    Buffer overflow attacks, integer overflow attacks, and format string vulnerabilities are types of control hijack attacks where an attacker takes over a target machine by exploiting vulnerabilities in how a program handles input data. The attacker's goals are to execute arbitrary code on the target machine by hijacking the application's control flow. Stack-based buffer overflows overwrite the return pointer to transfer control to the attacker, while heap-based overflows flood the program's memory space. Format string vulnerabilities allow attackers to leak data if they control the format argument passed to functions like printf.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Hijacking M

    Uploaded by

    ginni awasthi
    7 views11 pages
    Buffer overflow attacks, integer overflow attacks, and format string vulnerabilities are types of control hijack attacks where an attacker takes over a target machine by exploiting vulnerabilities in how a program handles input data. The attacker's goals are to execute arbitrary code on the target machine by hijacking the application's control flow. Stack-based buffer overflows overwrite the return pointer to transfer control to the attacker, while heap-based overflows flood the program's memory space. Format string vulnerabilities allow attackers to leak data if they control the format argument passed to functions like printf.

    Original Description:

    Original Title

    Hijacking m

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Buffer overflow attacks, integer overflow attacks, and format string vulnerabilities are types of control hijack attacks where an attacker takes over a target machine by exploiting vulnerabilities in how a program handles input data. The attacker's goals are to execute arbitrary code on the target machine by hijacking the application's control flow. Stack-based buffer overflows overwrite the return pointer to transfer control to the attacker, while heap-based overflows flood the program's memory space. Format string vulnerabilities allow attackers to leak data if they control the format argument passed to functions like printf.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    7 views11 pages

    Hijacking M

    Uploaded by

    ginni awasthi
    Buffer overflow attacks, integer overflow attacks, and format string vulnerabilities are types of control hijack attacks where an attacker takes over a target machine by exploiting vulnerabilities in how a program handles input data. The attacker's goals are to execute arbitrary code on the target machine by hijacking the application's control flow. Stack-based buffer overflows overwrite the return pointer to transfer control to the attacker, while heap-based overflows flood the program's memory space. Format string vulnerabilities allow attackers to leak data if they control the format argument passed to functions like printf.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    of 11

    OUTLINES

     Introduction
     Attacker’s goals
     Buffer overflow attacks
     Integer overflow attacks
     Format string vulnerabilities
     Reference
    INTRODUCTION
    • A control hijack attack is done by overwriting some
    of the data structures in a victim program.
    • The attacker takes control of a communication.
    • The attacker uses a program that appears to be the
    server to the client and appears to be the client to the
    server .
    • It is also known as the man in middle attack.
    ATTACKER’S GOALS
     Takeover target machine(for example web server)

     Execute arbitrary code on target by hijacking


    application control flow.
    BUFFER OVERFLOW

    • Buffer overflow is a software coding error or


    vulnerability that can be exploited by hackers to gain
    unauthorized access to corporate systems.

    • It is one of the best-known software security


    vulnerabilities yet remains fairly common.
    TYPES OF BUFFERFLOW
    1) Stack-based buffer overflows attack:
    • The stack-based approach occurs when an attacker
    sends data containing malicious code to an
    application, which stores the data in a stack buffer.
    • This overwrites the data on the stack, including its
    return pointer, which hands control of transfers to
    the attacker.
    2) Heap-based buffer overflows:
    • A heap-based attack is more difficult to carry out than
    the stack-based approach.
    • It involves the attack flooding a program’s memory
    space beyond the memory it uses for current runtime
    operations.

    3) Format string attack: A format string exploit takes


    place when an application processes input data as a
    command or does not validate input data effectively. 
    INTEGER OVERFLOW
    ATTACKS
    • Integer overflow attacks involve exploiting bugs in
    software. When these integer overflow flaws are
    abused, it can lead to disastrous results,
    including infecting devices with spyware.
    FORMAT STRING
    VULNERABILITY
    • A format string vulnerability is a bug where user
    input is passed as the format argument
    to printf, scanf, or another function in that family.

    • The format argument has many different specifies


    which could allow an attacker to leak data if they
    control the format argument to printf.
    THANKYOU
    REFERENCE
    • https://www.techtarget.com 
    • https://intellipaat.com

    You might also like