BBC BASIC for Windows
« Re: online program continued »
Welcome Guest. Please Login or Register. Apr 5th, 2018, 11:33pm
ATTENTION MEMBERS: Conforums will be closing it doors and discontinuing its service on April 15, 2018. Ad-Free has been deactivated. Outstanding Ad-Free credits will be reimbursed to respective payment methods.
If you require a dump of the post on your message board, please come to the support board and request it.
And what exactly is responsible for cleaning up after a user mode crashed app? Now let me guess.....oh wait it's the kernel, what a coincidence.
You don't understand. Once the kernel has got to the point of 'cleaning up' the threat is over. The program will have crashed, so there will have been a successful 'denial of service' (DoS), but that's not the primary objective of the attack.
What the attacker is attempting to do by means of a buffer-overflow it to create an exploit that does not result in a crash. Typically he wants to modify the heap or the stack in such a way that control will be transferred to his own code, which can then do anything it likes at the same security level as the program being attacked.
To achieve that he needs to have detailed information about the program, since only by that means can he work out exactly what to store beyond the end of the legitimate buffer to have the desired effect.
Quote:
You really can't admit when you wrong can you?
As I have said before, when I am wrong I am very happy to admit it. The archives of this forum and the Yahoo group prove it, so why make a claim that anybody can easily discover is false?
Logged