Reader small image

You're reading from  Ethical Hacking Workshop

Product typeBook
Published inOct 2023
PublisherPackt
ISBN-139781804612590
Edition1st Edition
Right arrow
Authors (2):
Rishalin Pillay
Rishalin Pillay
author image
Rishalin Pillay

Rishalin Pillay is an Offensive Cybersecurity expert who holds a number of awards and certifications from multiple companies in the Cybersecurity industry. He is well known for his contributions to online learning courses related to Red Teaming and as the author of Learn Penetration Testing. He holds Content Publisher Gold and Platinum awards for his contributions made towards the Cybersecurity Industry, including the Events Speaker Gold award for influential public speaking at Tier-1 business events.
Read more about Rishalin Pillay

Mohammed Abutheraa
Mohammed Abutheraa
author image
Mohammed Abutheraa

Mohammed Abutheraa is Cybersecurity specialist who has over 15 years of experience in IT security, risk management, security infrastructure, and technology implementation in both private and public sector environments. He worked as Incident Response and Remediation Advisor and supported customers remediating against major incidents in the last years. He has experience in Threat Intelligence and Proactive Services like Vulnerability Assessments and Red / Purple Teaming experiences.
Read more about Mohammed Abutheraa

View More author details
Right arrow

Code-based attacks

Code-based attacks imply using vulnerabilities or weak/unsecure coding practices that can lead to exploitable applications. These exploits can allow attackers to modify or run executables or commands that result in gaining access to the system, reading data, modifying data, and more. In this section, we will discuss two very common types of attacks: buffer overflow and format string attacks.

Buffer overflow

Buffer overflow is one of the most common code-based attacks. It simply sends more or additional data into applications that don’t parse inputs. It works by moving data into memory if the applications don’t have a proper way to do limit checking and parsing on data. A simple example of a buffer overflow attack is a login page that is expecting an input of 8 bytes. If you send more than 8 bytes of data, the additional data will be written to an overflow buffer. This overflow buffer would be a piece of memory that is allocated to a different...

lock icon
The rest of the page is locked
Previous PageNext Page
You have been reading a chapter from
Ethical Hacking Workshop
Published in: Oct 2023Publisher: PacktISBN-13: 9781804612590

Authors (2)

author image
Rishalin Pillay

Rishalin Pillay is an Offensive Cybersecurity expert who holds a number of awards and certifications from multiple companies in the Cybersecurity industry. He is well known for his contributions to online learning courses related to Red Teaming and as the author of Learn Penetration Testing. He holds Content Publisher Gold and Platinum awards for his contributions made towards the Cybersecurity Industry, including the Events Speaker Gold award for influential public speaking at Tier-1 business events.
Read more about Rishalin Pillay

author image
Mohammed Abutheraa

Mohammed Abutheraa is Cybersecurity specialist who has over 15 years of experience in IT security, risk management, security infrastructure, and technology implementation in both private and public sector environments. He worked as Incident Response and Remediation Advisor and supported customers remediating against major incidents in the last years. He has experience in Threat Intelligence and Proactive Services like Vulnerability Assessments and Red / Purple Teaming experiences.
Read more about Mohammed Abutheraa