安全编程之缓冲区溢出.ppt

安全编程之缓冲区溢出 内容 缓冲区溢出初步(标准栈溢出) 总结 提问 深入了解缓冲区溢出 总结 提问 安全编程防止缓冲区溢出(一些实例) 拓展:非x86平台上的缓冲区溢出 总结 提问 History 1988 : Robert Morris Internet Worms BSD fingerd buffer overflow Vulnerability /bid/2/ 1996 : Smashing The Stack for Fun and Profit Aleph One 1999 : w00w00 on heap/bss overflow 2001 : free() 2002 : Integer overflow Kernel Buffer overflow, Misc shellcode, worm,…… Why we learn it? Black Hat White Hat Inform the vendor before expose the vul. No exploit in the advisory Concept code always Write the exploit yourself in your hacking Security base knowledge Deep into your world Secure programming A