Exploits VS Buffer Overflows
What does Exploit means ?
Exploit is a very small program that when utilized causes a software vulnerability to be triggered and leveraged by the attacker.
What does Buffer Overflows means ?
Buffer Overflow occurs when a buffer that has been allocated a specific storage space has more data copied to it than it can handle.
Have you checked your server's log files lately ???
Did you notice something like... this !!!
This is NOT a good sign !
Check out the following 7 lines of code...
It is simple to understand what is going on...
Line 3: Creates a directory
Line 4: Changes to the new directory
Line 5: Then changes the root directory of the current shell to the directory ..//..//..//..//
Nice... Hmmm !!!
This is the traditional way to break out of chroot jails in a Linux Operating System !!!
Recently, I had such an expirience...
You will tell me... So what ?
OK ! Let us add now a little Shellcode.
Shellcode is the code executed when a vulnerability has been exploited.
Something like this...
Then try to execute that code.
As you see, it is getting "better" and "better" !
Of course, with the latest releases of the Linux Kernel, chroot jails has been fixed, BUT there will always be something that programmers have missed. After all, they are just human.
Conclusion: We need to write more secure code !
For security reasons, as you may have already notice, the two blocks of code are in .jpg style !!!