Packt+ | Advance your knowledge in tech

You're reading from Python Penetration Testing Cookbook Practical recipes on implementing information gathering, network security, intrusion detection, and post-exploitation

Product type Paperback

Published in Nov 2017

Publisher Packt

ISBN-13 9781784399771

Length 226 pages

Edition 1st Edition

Languages

Python

Tools

BeautifulSoup

Concepts

Network Security

Author (1):

Rejah Rehim

View More author details

Table of Contents (21) Chapters

Title Page

Credits

About the Author

About the Reviewers

www.PacktPub.com

Customer Feedback

Preface

1. Why Python in Penetration Testing?

2. Setting Up a Python Environment FREE CHAPTER

3. Web Scraping with Python

4. Data Parsing with Python

5. Web Scraping with Scrapy and BeautifulSoup

6. Network Scanning with Python

7. Network Sniffing with Python

8. Scapy Basics

9. Wi-Fi Sniffing

10. Layer 2 Attacks

11. TCP/IP Attacks

12. Introduction to Exploit Development

13. Windows Exploit Development

14. Linux Exploit Development

Buffer overflow

Buffer overflow can cause the program to crash or leak private information. A buffer in case of a running program, can be considered as a section in a computer's main memory with specific boundaries, so basically accessing any buffer outside this allocated region of memory space.

As the variables are stored together in stack/heap, accessing anything outside this boundary may cause read/write of some bytes of some other variables. But with a better understanding we can execute some attacks.

How to do it...

Follow the steps to generate an exploit code for buffer overflow attacks in Linux environment:

We have to create a vulnerable application for the test. Create a bof.c file and add the following code:

#include <stdio.h>  
void secretFunction() 
{ 
printf("Congratulations!\n"); 
printf("You have entered in the secret function!\n"); 
}  
void echo() 
{ 
char buffer[20];  
printf("Enter some text:\n"); 
scanf("%s", buffer); 
printf("You entered: %s\n", buffer); 
}  
int main...