Buffer Overflow Flashcards

1
Q

Local Shellcode

A
  • used to exploit local processes in order to privesc
2
Q

Remote Shellcode

A
  • sent through the network along with an exploit
  • the exploit will allow the shellcode to be injected into the process and executed
  • goal is to provide remote access to the exploited machine
3
Q

What are the types of Remote Shellcode?

A
  • connect back
  • bind shell
  • socket reuse
4
Q

Connect Back

A
  • shellcode initiates a connection back to the attacker’s machine
5
Q

Bind Shell

A
  • shellcode binds a shell (or command prompt) to a certain port on which the attacker can connect
6
Q

Socket Reuse

A
  • a connection is established to a vulnerable process, and that connection does not close before the shellcode is run
  • the shellcode can then re-use this connection to communicate with the attacker
  • generally not used due to complexity
7
Q

Staged Shellcode

A
  • used when the shellcode size is bigger than the space that an attacker can use for injections (within the process)
  • small piece of shellcode (stage 1) is executed
  • this code then fetches a larger piece of shellcode (stage 2) into the process memory and executes it
8
Q

Egg-hunt Shellcode

A
  • used when a larger shellcode can be injected into the process, but it is unknown where in the process this shellcode will actually be injected
  • divided into 2 pieces:
    1. a small shellcode (egg-hunter)
    2. bigger shellcode (egg)
  • the only thing the egg-hunter has to do is search for the egg within the process address space
  • once the egg is found, the execution of the bigger shellcode (egg) begins
9
Q

Omelet Shellcode

A
  • similar to Egg-hunt, but we do not have one larger shellcode (the egg)
  • instead we have smaller eggs (shellcodes)
  • they are combined together and executed
  • used to avoid shellcode detectors
10
Q

NULL characters

A
  • C language string functions work until a NULL (0 byte) is found
  • if shellcode contains a NULL character, it will fail
  • shellcode should be NULL-free to guarantee execution
11
Q

Encoding Shellcode

A
  • replacing machine instructions that contain zeroes with instructions that do not contain zeroes but achieve the same tasks
  • results in machine code that is NULL-free