Danny I and were emailing the other day a little about buffer overflows and how they work.
In doing something totally unrelated I stumbled upon a Microsoft page in German which warned of a “Pufferüberlauf”. That was such a catchy word, I felt compelled to share it.
-
Recent Posts
Recent Comments
- Kayge on Ford Flex factory hitch project
- Kayge Jilek on Ford Flex factory hitch project
- Renee Jones on Ford Flex seat swap project complete
- bturnip on Ford Flex factory hitch project
- Bill on Ford Flex factory hitch project
Archives
Categories
Meta
I don’t know much about German phonetics- is that puhffer-ooo-bur-laff? poofer-uu-ber-loaf?
I would say puhffer-ooo-bur-lowf.
Incidentally, my next assignment for school is going to deal with buffer overflows. In fact, we are tasked with attacking a machine that was set up by the prof explicitly for the purpose, and by using a buffer overflow attack, we should be able to take complete control of the machine and end up in a shell with admin privileges. It’s remarkably easy to do, looking at the assignment, assuming you can find machines with (in this case) a version of ssh which is susceptible to this particular attack (known as a shack attack).
What version of ssh would this be? I am curious to how recent of a version this will be, and how long ssh was vulnerable before it was patched.
I can’t respond to this at present. I don’t know if it’s a question of which “version” of ssh you have, as in Version x.xx or whether it’s which “implementation” of ssh you are using. I’m sure there’s probably info about it online, and if you feel like investigating, the knowledge you acquire could prove useful to me later. 😉