Ralph will discuss and perform a live demonstration of a step-by-step technique for finding and exploiting a stack-based buffer overflow vulnerability. Steps will include finding a buffer overflow vulnerability, finding and overwriting the return pointer, and exploiting the vulnerability with a payload. We’ll also discuss and test mitigating techniques such as address randomization, stack protection mechanisms, non-executable stacks and, of course, secure programming to prevent buffer overflows. A virtual Linux system image with the required tools, software and notes will be made available afterwards so you can “try this at home” on your own laptop.