Comp Security- Week 5a Flashcards

1
Q

When does a format string vulnerability occur?

A

When a formatted I/O function expects more arguments than are provided

2
Q

%d output type and passed as?

A

decimal. passed as value

3
Q

%u output type and passed as?

A

unsigned decimal. passed as value

4
Q

%x output type and passed as?

A

hexadecimal. passed as value

5
Q

%s output type and passed as?

A

string. passed as reference

6
Q

%n output type and passed as?

A

number of bytes written so far, passed as reference

7
Q

Why is printf(buf) a sloppy use of the printf function, and can a format string attack occur?

A

Sloppy use because the format parameter is not written here.
No, a format string attack can't occur because buf is not an input from the user; however, if they were to ask the user to enter the value of a variable and the correct format isn't followed, a problem will occur.

8
Q

printf is a function, so when it's called, what will be created?

A

a stack

9
Q

What is the first thing to be pushed in stack?

A

the arguments

10
Q

The first argument is always.. followed by…

A

The first argument is always the format string then followed by the specified arguments

11
Q

What happens if the programmer doesn't put the format string?

A

Then printf will print even if we put variables and the attacker can benefit from this

12
Q

Format string attacks allow..

A
  1. Read data from the stack from an illegal address, causing the program to crash (DoS)
  2. Overwrite memory to change program execution or force execution of user-supplied code
  3. Access memory and extract confidential data
13
Q

What can an intruder do if he has control of the format string?

A

Read items in memory by using %x
Write items in memory by using %n (write to memory location after arg1)

14
Q

What happens if someone writes foobar%n?

A

The number of characters in foobar = 6, so that is the number of bytes that will be written to that location.
The program will attempt to write the number 6 to the address.
This will result in an error message and the memory won't be written and it will crash, which will prove it's exploitable.

15
Q

When one could write to memory, what are they able to do?

A

With this ability they could overwrite a return pointer, redirecting the execution path to the injected code

16
Q

Format string error prevention:

A
  1. Validate input data, allow legal values only
  2. Ensure the user can't control format string parameters (use printf("%s", s) instead of printf(s))
  3. Try to use constants for string formatting parameters
  4. If available, use snprintf instead of printf to convert numeric and string arguments to formatted strings