Exploring the Effectiveness of Modern Defensive Measures Against Stack-Based Buffer Overflows

In the last post, we have explored the exploitation of buffer overflows on the stack. We have seen how these attacks are performed and where issues in our code can arise to make them vulnerable. Today we will focus on defensive measures against these attacks. Measures such as ASLR and DEP have been developed to stop these attacks. Today’s questions are:
“How effective are current defensive measures, like ASLR and DEP, in preventing memory manipulation exploits?” as well as “How do different software architectures and operating systems influence the success rate of memory manipulation exploits?”

Continue reading “Exploring the Effectiveness of Modern Defensive Measures Against Stack-Based Buffer Overflows”

Explanation of memory-based attacks

In the last post, we have looked at how we can identify when a buffer overflow can be performed. Finding a buffer overflow is very handy, and understanding when your code might be vulnerable is just as good. But what good does it do when we do not understand how someone can exploit this? We will take off the shoes of the defender and become the hacker, today!
Today’s question is: “How do these exploits work and how do we perform these?”

Continue reading “Explanation of memory-based attacks”

Identification of Memory-Based Attacks

Through the years, we have seen many kinds of breaches happen on digital systems. Attacks such as stack-based buffer overflows proved to be a first step in the direction of many more attacks to come. These attacks, prevalent in vulnerable code, allowed attackers access to a lot of tooling they should not have access to. Today, the question we pose is:
“What are the most common memory-based exploits and how can we identify these?”

Continue reading “Identification of Memory-Based Attacks”

Introduction to memory-based attacks

Memory-based attacks are attacks we don’t hear a lot about anymore, nowadays. Back in the 80’s and 90’s, this method was used a lot, with attacks such as the Morris Worm paving the way for future attacks of this kind. In this series, we will be exploring, understanding and learning about attacks utilizing memory in digital devices. And hopefully, leave you with a better understanding of how these work.

Continue reading “Introduction to memory-based attacks”