DOI: 10.1145/1501434.1501521
research-article

Exploiting a buffer overflow using metasploit framework

Published: 30 October 2006

Abstract

Buffer overflow has been used for many years as an effective means of system penetration to gain remote access [2, 3, 5, 6, 7]. Buffer overflow exploitation takes advantage of weak software programming, such as missing boundary checks on the memory used by buffers declared somewhere in the program, to undermine software security and exploit the vulnerability so that an attacker can remotely access the victim's system. This access can then be escalated either vertically, to gain administrator privileges (on Windows operating systems) or root access (on UNIX-like operating systems), or horizontally, to access other hosts in the same network.
This paper addresses the following questions: What is a buffer overflow? How does it happen? How can it be exploited? And what defense measures can be taken to avoid such a problem?
In response to these questions, the available commercial and open source software used as exploitation tools is discussed. The widely used open source software called Metasploit Framework is used to demonstrate the concept.

References

[1] Elias Levy Aleph One. "Smashing The Stack For Fun And Profit". Phrack 7(49), November 1996. Link: http://reactor-core.org/stack-smashing.html
[2] Puchkov and K. A. Shapchenko, "Static Analysis Method for Detecting Buffer Overflow Vulnerabilities", Programming and Computer Software, Vol. 31, No. 4, 2005, pp. 179--189.
[3] Istvan Simon, "A Comparative Analysis of Methods of Defense against Buffer Overflow Attacks", Web address: http://www.mcs.csuhayward.edu/~simon/security/boflo.html.
[4] Robert Morris web site: http://pdos.csail.mit.edu/~rtm/
[5] James C. Foster et al., "Buffer Overflow Attacks: Detect, Exploit, Prevent", Syngress Publishing 2005.
[6] Eugene Spafford, The Internet Worm Program: Analysis, Computer Communications Review, 1989 {11} Mark W. Eichin and Jon A. Rochlis, With Microscope and Tweezers: An Analysis of the Internet Virus of November 1988, 1988. http://www.mit.edu:8001/people/eichin/www/virus/main.html
[7] Sandeep Grover Web Site: http://www.linuxjournal.com/article/6701.
[8] Preventing Buffer overflow http://msdn.microsoft.com/library/default.asp?url=/library/en-us/csvr2002/htm/cs_se_securecode_ppct.asp
[9] "Intel's Prescott will end buffer overflow security problems", http://www.internet-security.ca/internet-security-news-005/intel-prescott-cpu-will-end-buffer-overflows-security-problems.html.
[10] "Testing Static Analysis Tools Using Exploitable Buffer Overflows From Open Source Code", http://www.ll.mit.edu/IST/pubs/04_TestingStatic_Zitser.pdf.
[11] The Linux OpenWall Project, Nonexecutable Stack Patch for Linux, http://www.openwall.com/linux/
[12] Casper Dik, Non-Executable Stack for Solaris, posted to comp.security.unix January 2, 1997. http://x10.dejanews.com/
[13] Crispin Cowan, Perry Wagle, Calton Pu, Steve Beattie, and Jonathan Walpole, Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade, in DARPA Information Survivability Conference and Expo 2000.
[14] Mark Donaldson, http://www.sans.org/rr/whitepapers/securecode/386.php
[15] http://www.sans.org.
[16] http://www.secureenterprisemag.com/products/showArticle.jhtml?articleId=164303439&pgno=10
[17] http://www.adtmag.com/article.aspx?id=9900&page=
[18] http://www.metasploit.com/projects/Framework/

Cited By

  • (2021) Penetration Frameworks and Development Issues in Secure Mobile Application Development: A Systematic Literature Review. IEEE Access, 10.1109/ACCESS.2021.3088229, 9 (87806-87825). Online publication date: 2021
  • (2020) Poseidon. Proceedings of the 21st International Middleware Conference, 10.1145/3423211.3425671 (207-220). Online publication date: 7-Dec-2020

Published In

PST '06: Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
October 2006
389 pages
ISBN:1595936041
DOI:10.1145/1501434

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. buffer overflow
  2. buffer overrun
  3. exploit
  4. framework
  5. metasploit

Qualifiers

  • Research-article

Conference

PST06
PST06: International Conference on Privacy, Security and Trust
October 30 - November 1, 2006
Ontario, Markham, Canada
