0

I am learning computer security and I am trying to find a list of common buffer overflow attacks, but not having much luck.
I am planning on using metasploit for pen-testing as well as backtrack 5, but I haven't started yet. Even pointers to a good sight I would love. Thanks!

Improve this question

2 Answers 2

Reset to default
1

this document introduce and covers many forms of buffer overflow attacks:

http://insecure.org/stf/smashstack.html

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thanks! Just a question, is it possible to write a buffer overflow exploit in python? Everything is in C/C++ (I don't mind, I can do those)
0

in general you can differentiate bufferoverflows on

  • control-data attacks - control data attacks may overwrite saved registers or other data used to control the application flow

and

  • non-control data attacks - so attacks that try to overwrite variables to get e.g. more credits in a casino game

if you have more a look on the details you can then go deeper and have a look in how the attacks are really working:

you can then differentiate as well on

  • the location where the overwrite occurs
  • where the target is located the in memory that gets overwritten
  • and on which location the shellcode is placed

if you take all that into consideration you have a huge bunch of bufferoverflow types to analyse - i did that already and it was quite fun ;)

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.