




    116 | Chapter 4: Looking for Vulnerabilities


    You may be thinking that exploits requiring authentication are also
    bad. They are bad, but in a different way. If someone has to present
    credentials, meaning they are authenticated, in order to exploit a
    vulnerability, it means one of two things: either an insider attack or
    compromised credentials. An insider attack is a different situation
    because if you can already authenticate and you want to cause a
    problem, you probably don’t need to use a vulnerability. If you
    instead have compromised credentials, this should be addressed in
    other ways as well. If I can get access to your system without any
    authentication, though, that’s really bad because it means anyone
    can do it.
    Network devices like switches and routers are also prone to vulnerabilities. If one of
    these devices were to be compromised, it could be devastating to the availability or
    even confidentiality of the network. Someone who has access to a switch or a router
    can potentially redirect traffic to devices that shouldn’t otherwise have it. Kali comes
    with tools that can be used to test for vulnerabilities on network devices. As Cisco is a
    prominent vendor, it’s not surprising that a majority of tools focused on
    vulnerabilities in network devices are focused on Cisco.
    Vulnerability Types
    The Open Web Application Security Project (OWASP) maintains a list of common
    vulnerability categories. Each year, OWASP issues a list of top 10 application security
    risks. Software is released and updated each year, and every piece of software has bugs
    in it. When it comes to security-related bugs that create vulnerabilities, some
    common ones should be considered. Before we get into how to search for these
    vulnerabilities, you should understand a little bit about what each of these vulnerabilities is.
    Buffer Overflow
    Buffer overflow is a common vulnerability and has been for decades. Although some
    languages perform a lot of checking on the data being entered into the program as
    well as data that is being passed around in the program, not all languages do that. It is
    sometimes up to the language and how it creates the executable to perform these
    sorts of checks. However, some languages perform no such checks. Checking data
    automatically creates overhead, and not all languages want to force that sort of
    overhead on programmers and programs.
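The missing check described in the paragraph above, as an added example that is not from the book: a C copy routine that trusts the caller's length next to one that performs the bounds test itself. The `record` struct, both function names and the input bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed record: an 8-byte buffer with another field right behind it. */
struct record {
    char name[8];
    unsigned char is_admin;
};
_Static_assert(offsetof(struct record, is_admin) == 8,
               "is_admin must directly follow name");

/* Unchecked: trusts the caller's length, as C does by default.
 * The copy goes through the struct's own bytes, so the demo stays
 * well-defined for n <= sizeof *r while still showing the effect. */
static void store_unchecked(struct record *r, const char *src, size_t n)
{
    memcpy((unsigned char *)r, src, n);   /* never compared with sizeof r->name */
}

/* Checked: the bounds test the language did not perform for us. */
static int store_checked(struct record *r, const char *src, size_t n)
{
    if (n >= sizeof r->name)
        return -1;                        /* reject oversized input outright */
    memcpy(r->name, src, n);
    r->name[n] = '\0';
    return 0;
}

int main(void)
{
    /* Constructed input: 8 filler bytes plus 1 byte that does not fit. */
    const char input[] = "AAAAAAAA\x01";
    struct record a = { "", 0 }, b = { "", 0 };

    store_unchecked(&a, input, 9);
    printf("unchecked: is_admin=%u\n", (unsigned)a.is_admin);

    int rc = store_checked(&b, input, 9);
    printf("checked:   rc=%d is_admin=%u\n", rc, (unsigned)b.is_admin);
    return 0;
}
```

The ninth byte lands in `is_admin` in the unchecked version; the checked version refuses the input and leaves the neighbouring field untouched.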
    A buffer overflow takes advantage of the way data is structured in memory. Each
    program gets a chunk of memory. Some of that memory is allocated for the code, and
    some is allocated for the data the code is meant to act on. Part of that memory is a
    data structure called a stack. Think about going through a cafeteria line or even a
    buffet. The plates or trays are in a stack. Someone coming through pulls from the top of
