How to Produce a Buffer Overflowed Program in Modern Visual Studio

12/04/2018

When studying binary security, it is very useful for learners to write a program with a buffer overflow vulnerability in order to understand how buffer overflows work. However, modern IDEs and compilers usually ship with default settings that prevent this from happening easily.

To write, compile and run a simple program with a buffer overflow vulnerability, we need to change some default settings. This article uses Microsoft Visual Studio Community 2017 Version 15.9.6 as an example to illustrate the steps needed to produce a vulnerable C program.

The code of the C program is:

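#include <stdio.h>
#include <string.h>

#define PASSWORD "secret233"
#define BUFFER_SIZE 10

/* Returns non-zero when input matches PASSWORD. */
int check_pass(char *input)
{
    int compare = 1;
    char buffer[BUFFER_SIZE];

    compare = strcmp(input, PASSWORD);
    printf("[matched value]:%d\n", compare);

    /* Deliberately unbounded copy: any input longer than
       BUFFER_SIZE - 1 characters writes past the end of buffer. */
    strcpy(buffer, input);
    /* Printed again so that any change to compare caused by the
       overflow is visible. */
    printf("[matched value]:%d\n", compare);

    return !compare;
}

int main(void)
{
    int passed = 0;
    char input[1024];

    while (1) {
        printf("Enter password: ");
        /* Bound the read to the size of input so that the only
           overflow is the intended one inside check_pass(). */
        scanf("%1023s", input);

        passed = check_pass(input);
        if (passed) {
            printf("--Password correct!\n");
            break;
        }
        else
            printf("--Wrong password. Try again.\n\n");
    }

    return 0;
}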

Fixing Windows CMD Font Issue

10/22/2018

Problem

One day, I suddenly found out that the font in my Windows command prompt (CMD) had somehow been changed into a bad-looking non-monospace font.

The same thing happened to my PowerShell since they share the same profile.

Such a bad-looking font was definitely unacceptable to a heavy command-line user, so it had to be fixed. Normally, I could change the font by right-clicking the title bar and selecting Properties - Font. However, it didn't work this time since the fonts I wanted were missing.

As the screenshot showed, the only available fonts were some Chinese fonts, which were useless in this case. So where did my programming fonts go?

New Syntax Highlighting Style Test - C++

08/10/2018

Just updated the code syntax highlighting style. This is a sample of C++ code from btrForensics.

New Syntax Highlighting Style Test - PowerShell

08/09/2018

Just updated the code syntax highlighting style. This is a sample of PowerShell code from PowerWinForensics.

Research Paper Presented at DFRWS 2018 USA

08/01/2018

A research paper that I co-authored was presented at DFRWS (Digital Forensic Research Conference) 2018 USA. As a contributor, I am proud to have the chance to work with two researchers, Jan-Niclas Hilgert and Martin Lambertz from Fraunhofer FKIE, Bonn, Germany.

The paper is titled "Forensic analysis of multiple device BTRFS configurations using The Sleuth Kit". It discusses the multi-device feature offered by BTRFS, a modern filesystem designed for Linux to achieve rich functions and better performance.

BTRFS implements many advanced concepts such as subvolumes, snapshots and copy on write (CoW). This paper attempted to resolve some problems brought by BTRFS multi-device support whose answers could not be found via the traditional digital forensics process.

The complete paper can be found on the DFRWS 2018 USA website. It was also published in Digital Investigation Volume 26, Supplement, July 2018, Pages S21-S29 with open access. Check either of the following links to read and download the paper:

DFRWS - Papers & Presentations

Elsevier - Digital Investigation - Proceedings of the Eighteenth Annual DFRWS USA

SYANG.IO © 2019