Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
11 Cards in this Set
- Front
- Back
|
T/F: Buffer Overflows
are a result of good programming practice. |
False
|
|
|
What may allow individuals to gain root or admin access?
|
Buffer Overflows
|
|
|
What is a buffer overflow attack?
|
A buffer overflow attack is when an attacker tries to store too much information in an undersized receptacle
|
|
|
What is common implementation?
|
A common implementation is when a user of the program gives the program more data than the developers of the program allocated to store it
|
|
|
What is are Shell Escapes?
|
Shell Escapes
special character in input string causes escape to shell |
|
|
T/F: Denial of service – buffer overflow will not cause the system to crash.
|
FALSE
|
|
|
T/F: Since important information needed by the OS to continue running can be located on the stack, by overflowing with enough data you can wipe out this important information.
|
TRUE
|
|
|
T/F: You can point to your code if you overwrite just the right amount of information to overflow the stack and rewrite the return address pointer.
|
TRUE
|
|
|
T/F: The attacker’s code will run at whatever privileges the software that is exploited is running at
|
TRUE
|
|
|
T/F: In most cases, an attacker tries to exploit programs that are running as a privileged account such as root or domain administrator.
|
TRUE
|
|
|
What is the rule of thumb for protecting against buffer overflow attacks?
|
Know what is installed on your systems and have the least amount of services running and ports open that are required for the system to operate in a specific environment.”
|
