Archive for the ‘Hacking’ Category

It is amazing that after so maany years linux being actively developed, the buffer overflow exploit remains one of the top security vulnerabilities in 2011. Buffer overflow was first detailed in Smashing The Stack For Fun and Profit by Alphe One. Nevertheless, here is my first successful attempt in creating a buffer flow in my code.

The code is a simple one. Yet it forms the basis of a stack-based buffer overflow. Mystically, the program below prints a result of zero. The instruction ‘x = 1’ is skipped due to the buffer overflow exploit.

void function(int a, int b, int c) {
    int *ret;
    ret = (int*) &a - 1;
    (*ret) += 8;
}

void main() {
    int x;
    x = 0;
    function(1,2,3);
    x = 1;
    printf("%d\n",x);
}
Advertisements

Everything can be hacked, except for perhaps, this!

It is about the unidirectional networks. According to Wikipedia:

A unidirectional network (also referred to as a unidirectional security gateway or data diode) is a network appliance or device allowing data to travel only in one direction, used in guaranteeing information security.

Here’s a video from the manufacturer explaining it all.