Re: [SLUG] From PC Magazine...

From: Paul M Foster (paulf@quillandmouse.com)
Date: Tue Jul 29 2003 - 00:52:51 EDT


On Mon, Jul 28, 2003 at 07:37:22PM -0400, Eric Jahn wrote:

> Thank you for the excellent description of buffer overflows! :)
>
> hmmm, makes me wonder if any talented malicious hackers have designed
> algorithms to automatically determine the memory layout without manual
> testing and retesting? It would be then the Java of hackerdom...sort of
> like "write once...destroy everywhere". For example, you'd have sort of
> a hacker virtual machine (HVM) that is inserted into the overflow area
> of the code. When executed, the HVM then lays out the parent computer's
> file system and then with root privileges, executes malicious or
> beneficial programs that the HVM can download from the net or on a local
> drive or unzipped alongside the HVM. The hacker could write operating
> system agnostic code which would be run by the HVM bytecode
> interpreter. I'm sure there could be a non-malicious application of
> this, like for self-healing purposes, but I can't think of any, because
> it would be better to just replace the overflow-causing bug.

I'm not sure a program of any reasonable size could be made to do this,
since it requires observing what happens when you overload buffers with
certain values, and a "feel" for how executables are laid out. I suppose
the first thing you'd need to do is discover where the executable code
is, and then where the executable code starts and ends, or at least
secure a spot big enough for your "hack". I'm also not sure that Java
would be suitable for this kind of thing.

However, I don't know anything about this from a hacker's viewpoint.
Only from a programmer's viewpoint. So anything's possible.

Paul



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:00:57 EDT