Menu
I read from a book that Buffer Overflow might be used as a way to inject exploit code which will attack a system. And Stack Randomization is one of those effective ways to prevent such attacks.
I can't understand what is Stack Randomization and how it prevents those attack?
401
Instead of Stack Randomization the technique to defeat (or make more difficult) stack or buffer overflows is called Address space layout randomization (ASLR). The theory behind this is to attempt to randomize where items are in memory to make the task of injecting malicious code more difficult. Some buffer overflow and stack overflow attacks depend on knowing where items are located in memory to be able to inject code that can make valid memory references.
The difficulty in all this is that even with such mechanisms in place it may still be possible to inject self contained code that can make valid relative memory references when running allowing malicious code to execute.
Checkout this posting on stackoverflow which contains links to more information on buffer overflows.
135
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
