BBC BASIC for Windows
Programming >> BBC BASIC language >> Re: online program continued http://bb4w.conforums.com/index.cgi?board=language&action=display&num=1380630534 Re: online program continued
Post by admin on Oct 1st, 2013, 12:54pm
And what exactly is responsible for cleaning up after a user mode crashed app? Now let me guess.....oh wait it's the kernel, what a coincidence.
You don't understand. Once the kernel has got to the point of 'cleaning up' the threat is over. The program will have crashed, so there will have been a successful 'denial of service' (DoS), but that's not the primary objective of the attack.
What the attacker is attempting to do by means of a buffer-overflow it to create an exploit that does not result in a crash. Typically he wants to modify the heap or the stack in such a way that control will be transferred to his own code, which can then do anything it likes at the same security level as the program being attacked.
To achieve that he needs to have detailed information about the program, since only by that means can he work out exactly what to store beyond the end of the legitimate buffer to have the desired effect.
Quote:
You really can't admit when you wrong can you?
As I have said before, when I am wrong I am very happy to admit it. The archives of this forum and the Yahoo group prove it, so why make a claim that anybody can easily discover is false?