Skip to main content
Information Security

All Questions

Ask Question
Tagged with
8 questions
NewestActiveBountiedUnanswered
0votes
2answers
495views

How to prevent buffer overflow attack?

int main(void) { char buff[15]; int pass = 0; printf("\n Enter the password : \n"); gets(buff); if (strcmp(buff, "thegeekstuff")) { printf("\n Wrong Password \n"); } ...
OCTAVIAN's user avatar
OCTAVIAN
  • 101
2votes
1answer
258views

ASCII Armoring in a little endian system

With regard to the question: How does ASCII-Armoring help to prevent buffer-overflow attacks?: How does the armored region prevent an attack? If the most significant byte of the return address is ...
Bush's user avatar
Bush
  • 347
1vote
2answers
3kviews

Are buffer overflows on websites stoppable?

Recently, I was at the bookstore checking out books on computers. I found an interesting book on various types of hacks and how to stop them on your servers. One that caught my eye was the "buffer ...
SirPython's user avatar
SirPython
  • 113
1vote
1answer
7kviews

Stack Guard vs Stack Shield

I would like to know why nowadays Stack Guard is used everywhere (example: ProPolice in GCC, /GS in Visual Studio), instead of Stack Shield. Both the approaches (i.e. Stack Guard & Stack Shield) ...
Jaydeep Solanki's user avatar
Jaydeep Solanki
  • 227
11votes
3answers
4kviews

How does ASCII-Armoring help to prevent buffer-overflow attacks?

I was reading about return-to-libc attacks at Wikipedia. According to what I read and understood from the article, ASCII armoring means that binary data is converted into ASCII values by grouping ...
Karan's user avatar
Karan
  • 467
1vote
1answer
587views

How non-executable are implemented? [duplicate]

In the "Hacking the art of Exploitation" its said that the basic idea of stack overflows attacks is that the operating system can't differentiate instructions from data inside the stack ,and the ...
HSN's user avatar
HSN
  • 1,218
1vote
1answer
121views

Dangers of a vulnerability in a local installer?

I sent a message to my dev manager about a buffer overflow in our (widely distributed) installer, and received a response that it didn't matter as it wasn't server code. Other than the fact that if ...
doyler's user avatar
doyler
  • 612
13votes
2answers
3kviews

Bypassing Address Space Layout Randomization

How effective is ASLR in preventing arbitrary code execution in a buffer overflow type exploit? How hard is it for an attacker to bypass this without simply guessing where the addresses are?
Magnus's user avatar
Magnus
  • 1,204

close