
Network Security Series 35: Buffer Overflow

2025-02-28 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

Buffer overflows are so well known that we won't explore how they work here, only what they can do. If a buffer overflow is carried out successfully against a remote computer, a shell on that computer can be obtained, and commands can be executed on it directly as an administrator. In other words, the remote computer becomes a "broiler" (slang for a compromised machine under someone else's control).

A successful buffer overflow requires a vulnerability on the computer. Microsoft has a naming scheme for vulnerabilities in Windows systems. In MS08_067, for example, MS stands for Microsoft and 08_067 means vulnerability 67 of 2008. Several well-known vulnerabilities can cause buffer overflows: ms04_011, ms06_040, and ms08_067.

The main buffer overflow tool is MetaSploit Framework, a comprehensive platform for vulnerability exploitation and testing that integrates various common overflow tools. Software download address: http://down.51cto.com/data/1899911.

The biggest difficulty in running buffer overflow experiments is finding a vulnerable system, so we set up an old Win2000 server (IP address 192.168.80.132) in a virtual machine as the attack target.

First, install MetaSploit Framework on the attack side. After installation, click "Program" -- "Metasploit 3" -- "Metasploit 3 GUI" in the Start menu. The interface is shown as follows:

Enter the vulnerability name, such as "ms08_067", directly in the search bar and click Search. The corresponding vulnerability exploitation tool "ms08_067_netapi" is returned:

Double-click the returned result "ms08_067_netapi" and select the target operating system to attack. The default is selected here:

After clicking the "Forward" button, select the payload parameter "windows/shell_bind_tcp":

Fill in the target IP address in the RHOST parameter, keep the default configuration for the other items, and then click the "Forward" button:

Check the settings, then click "Apply" to start the attack:

If the attack succeeds, the sessions column in the lower right corner of the Metasploit interface shows the contents in the following figure. Double-click the entry to get a shell (DOS command line) on the attacked host.

From the shell, various attack or backdoor operations can then be performed, which I won't go into here.

The simple way to prevent buffer overflows is to install patches. Since no serious buffer overflow vulnerabilities have been found in recent years, a computer is basically not vulnerable as long as the SP patch package is installed.
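A patch-gap check built on the naming scheme and the patching advice above, as an added example that is not part of the original article: it normalizes bulletin IDs in their common spellings and lists, per host, which of the three bulletins named in the article are not recorded as installed. The "host,bulletin" report format, the address 192.168.80.140, and the two-digit-year pivot are assumptions, and the sample rows are constructed.

```python
import re
from collections import defaultdict

# Bulletins the article names as causing buffer overflows (canonical form).
REQUIRED = ("ms04_011", "ms06_040", "ms08_067")
_BULLETIN = re.compile(r"^\s*ms[\s_-]*(\d{2})[\s_-]+(\d{3})\s*$", re.I)

def parse_bulletin(text):
    """Return (year, number) for ids like ms08_067 / MS08-067, else None."""
    m = _BULLETIN.match(text)
    if not m:
        return None
    yy, seq = int(m.group(1)), int(m.group(2))
    # Assumption: two-digit years 98-99 mean 19xx, all others 20xx.
    return (1900 + yy if yy >= 98 else 2000 + yy), seq

def canonical(text):
    """Normalize any accepted spelling to the ms08_067 form, else None."""
    parsed = parse_bulletin(text)
    return None if parsed is None else "ms%02d_%03d" % (parsed[0] % 100, parsed[1])

def missing_patches(report_lines, required=REQUIRED):
    """Return ({host: [required bulletins not installed]}, [rejected rows])."""
    installed, rejected = defaultdict(set), []
    for line in report_lines:
        host, _, bulletin = line.partition(",")
        canon = canonical(bulletin)
        if not host.strip() or canon is None:
            rejected.append(line)  # a malformed row never counts as a patch
            continue
        installed[host.strip()].add(canon)
    gaps = {h: [b for b in required if b not in have]
            for h, have in installed.items()}
    return gaps, rejected

# Constructed sample in a hypothetical "host,bulletin" export format.
SAMPLE = [
    "192.168.80.132,MS04-011",
    "192.168.80.132,ms06_040",
    "192.168.80.140,MS04-011",
    "192.168.80.140,MS06-040",
    "192.168.80.140,ms08-067",
    "192.168.80.140,MS8-67",   # malformed on purpose
]

if __name__ == "__main__":
    for host, gap in sorted(missing_patches(SAMPLE)[0].items()):
        print(host, "missing:", ", ".join(gap) or "none")
```

Rows that fail to parse are returned separately, so a typo in the report cannot make a host look patched.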
