1
00:00:00,280 --> 00:00:05,650
Hello everybody, welcome to my advanced ethical hacking networking penetration testing course.

2
00:00:15,270 --> 00:00:21,030
This video will cover the concept of a buffer overflow.

3
00:00:21,030 --> 00:00:26,700
Here we are moving just to tell you what is a buffer overflow and then how it works.

4
00:00:26,700 --> 00:00:33,420
What are the countermeasures that you can take so that we can avoid being affected from this kind of

5
00:00:33,570 --> 00:00:34,050
attack.

6
00:00:34,330 --> 00:00:35,020
Okay.

7
00:00:35,250 --> 00:00:38,580
First things first, as you see, a buffer is a memory

8
00:00:38,580 --> 00:00:39,020
area

9
00:00:39,030 --> 00:00:48,720
which holds data, which holds the information. Buffer overflow is a situation that arises when you try to put the

10
00:00:48,720 --> 00:00:57,270
data in an array which is more than the size of the array, and you haven't put any exceptions or anything.

11
00:00:57,360 --> 00:00:58,230
What I mean by that.

12
00:00:58,590 --> 00:00:59,010
Okay.

13
00:00:59,040 --> 00:01:08,010
So you keep on filling the array, but if the time comes when your array ends and you overwrite what

14
00:01:08,010 --> 00:01:18,090
was there, you know, this is like a base which has in the amount of size and the data which is sent there

15
00:01:18,690 --> 00:01:23,230
of both the size of the debt of the recipient.

16
00:01:23,250 --> 00:01:24,240
Okay.

17
00:01:24,360 --> 00:01:27,920
Here you here we can see that.

18
00:01:27,920 --> 00:01:34,850
So you can say buffer overflow or buffer overrun, as we say, it is a common software coding mistake that

19
00:01:34,910 --> 00:01:42,570
an attacker could exploit to gain access through a system or to make your system known which your you

20
00:01:42,570 --> 00:01:47,090
know. To effectively mitigate buffer overflow vulnerabilities,

21
00:01:47,120 --> 00:01:55,750
it is crucial to understand exactly what they are, what the danger is they can pose and they can keep

22
00:01:55,760 --> 00:01:57,240
to a system.

23
00:01:57,260 --> 00:02:05,520
And what techniques attackers that are so used to successfully again gain control of your computer or

24
00:02:05,520 --> 00:02:07,710
of your devices.

25
00:02:07,730 --> 00:02:09,110
This was all going.

26
00:02:09,110 --> 00:02:11,000
There is more data in it for that.

27
00:02:11,000 --> 00:02:11,560
Okay.

28
00:02:11,600 --> 00:02:19,100
So we see that already, and this vulnerability can cause a system crash or, worse, create an entry point

29
00:02:19,220 --> 00:02:20,740
for a cyber attack.

30
00:02:21,100 --> 00:02:30,430
And then if you're a Windows user, sometimes if you go to the Task Manager you can control how much discipline

31
00:02:30,680 --> 00:02:33,030
is moving up, moving down.

32
00:02:33,030 --> 00:02:41,510
We are moving down. OK, in the next few minutes we are going to elaborate more about how it works.

33
00:02:42,310 --> 00:02:43,610
OK.

34
00:02:43,610 --> 00:02:51,680
C, C and C++ most susceptible to buffer overflow. Security from endpoints should include regular testing

35
00:02:51,680 --> 00:02:53,600
to detect and fix them.

36
00:02:53,600 --> 00:02:59,780
So these appointees includes automatic protection language level and bounds checking at run time.

37
00:03:00,320 --> 00:03:07,730
And here there are some Web application software that are allowing there in the network to that you

38
00:03:07,730 --> 00:03:17,810
can try to test your application before she'd be before to make it available to the public.

39
00:03:17,810 --> 00:03:18,470
OK.

40
00:03:19,130 --> 00:03:22,940
So here this is not a definition, guys.

41
00:03:22,940 --> 00:03:29,210
So you can go to the Internet and then just try to type what is a buffer overflow, how it works.

42
00:03:29,210 --> 00:03:30,070
Stuff like that.

43
00:03:30,380 --> 00:03:37,990
Yeah you get and then buffer overflow attack. In some cases the adversary can create a payload called

44
00:03:38,120 --> 00:03:45,770
it and then removed it has been co-opted by do overflow. In an other case the attacker simply takes advantage

45
00:03:45,860 --> 00:03:50,380
of the of the overflow and it's co-option of the projects in we.

46
00:03:51,020 --> 00:03:55,850
Let's consider a program that requests a user password in order to grant the user access to this

47
00:03:55,850 --> 00:03:58,510
system and the code below.

48
00:03:58,560 --> 00:04:04,970
So we are going to explain you how that might get the root privileges.

49
00:04:05,060 --> 00:04:10,500
I mean to escalate the privileges is it this is the password is encoded and it will come within that

50
00:04:10,510 --> 00:04:11,930
and go into new user privileges.

51
00:04:12,220 --> 00:04:12,800
Okay let's see.

52
00:04:13,340 --> 00:04:14,240
Okay.

53
00:04:14,770 --> 00:04:16,180
And in the code below.

54
00:04:16,190 --> 00:04:19,330
So the correct password grants the user root privileges.

55
00:04:19,340 --> 00:04:25,670
And then if the password is not correct the program will let it go and things are privileges.

56
00:04:26,350 --> 00:04:26,760
OK.

57
00:04:27,410 --> 00:04:36,790
So when if a Common App as you can see in C++ or Java or you can type these it's for displaying your

58
00:04:36,790 --> 00:04:40,210
stream text or your or your palm reader is OK.

59
00:04:40,820 --> 00:04:48,110
And the pass equal one to if pass is true or is one then.

60
00:04:48,130 --> 00:04:51,700
Now give root right to user.

61
00:04:52,370 --> 00:04:54,320
And this is the message display.

62
00:04:54,650 --> 00:04:56,190
And we turn will.

63
00:04:56,490 --> 00:04:59,900
And so it determines how it set out.

64
00:05:00,050 --> 00:05:06,950
However there is a possibility of buffer overflow in this program because the gets function

65
00:05:06,980 --> 00:05:09,620
does not check the bounds.

66
00:05:09,680 --> 00:05:12,400
This is fairly valuable important.

67
00:05:12,410 --> 00:05:23,600
Here is an example of what an attacker could do with this code called Dodd the F overflow into the password

68
00:05:24,190 --> 00:05:31,620
something he writes and then wrong password, which root privileges given to the user. In the above example.

69
00:05:31,620 --> 00:05:32,560
It began with D.

70
00:05:32,630 --> 00:05:38,910
Use the root privileges even though the user entered an incorrect password, and in this case the attacker

71
00:05:38,920 --> 00:05:39,690
show pride.

72
00:05:42,600 --> 00:05:43,080
Here.

73
00:05:43,410 --> 00:05:50,550
So we were talking about some applications which are allowing dealing in their weapons so that we can

74
00:05:50,550 --> 00:06:00,690
use them to test all codes or to test or open come first then defined the binary static application

75
00:06:00,690 --> 00:06:04,870
security testing technology analyzes all codes.

76
00:06:05,910 --> 00:06:12,130
So what did supplements static application security testing supplements threat

77
00:06:12,130 --> 00:06:16,670
modelling and code review is performed by developers or by programmers.

78
00:06:16,740 --> 00:06:24,270
Finding coding errors and omissions more quickly, and omissions more quickly, and at a lower

79
00:06:24,270 --> 00:06:26,310
cost via automation.

80
00:06:26,520 --> 00:06:32,850
It's typically run in the early phases of software development lifecycle because it's easier and less

81
00:06:32,850 --> 00:06:38,160
expensive to fix those problems before going into the production deployment.

82
00:06:39,770 --> 00:06:52,520
So SAST has a very good cool quote ability to take to identifies so many well-known attacks like SQL

83
00:06:52,520 --> 00:06:58,310
injection, XSS attack, buffer overflows and so and so and so on.

84
00:06:58,310 --> 00:07:04,310
So to get much more information about it you can try to visit this link and then you will find maybe

85
00:07:04,310 --> 00:07:09,040
more information. Fairly important guys, I'll require you to check out it, all right.

86
00:07:09,410 --> 00:07:15,380
So now knowing all this stuff, what is a buffer overflow.

87
00:07:15,410 --> 00:07:16,250
How it works.

88
00:07:16,430 --> 00:07:25,060
Now it's the time to know how to protect yourself or how to take their word against the buffer overflow.

89
00:07:25,440 --> 00:07:25,990
Okay.

90
00:07:28,160 --> 00:07:35,960
So first of all we have it kind of made or we can have a hardware device IDS, the intrusion detection

91
00:07:36,500 --> 00:07:47,570
system or intrusion detection system was in network in some particular or computer devices.

92
00:07:47,660 --> 00:07:55,310
So you can set up an intrusion detection system, an intrusion prevention system so that they prevent

93
00:07:55,340 --> 00:08:06,230
the sound the second point is to try to always create a village stone cold before going into it by yourself.

94
00:08:06,260 --> 00:08:16,220
Don't leave the space where they shouldn't be and then try to always secure your application so that

95
00:08:16,640 --> 00:08:25,190
the attacker doesn't find the place to inject code or to get an advantage from you because by doing

96
00:08:25,190 --> 00:08:32,480
so by letting the attacker of all of this who rules on all his vulnerabilities I'm telling you he's

97
00:08:32,480 --> 00:08:33,340
not your boy.

98
00:08:33,470 --> 00:08:42,580
So he's going to exploit your predations when you and get control of it or try to make his own stuff.

99
00:08:43,130 --> 00:08:45,230
So always be careful.

100
00:08:47,940 --> 00:08:49,630
In the session cookies.

101
00:08:49,700 --> 00:08:51,660
Some some information might be there.

102
00:08:51,660 --> 00:08:59,940
For example the name or the address of the location address or any other things, even some password can

103
00:08:59,940 --> 00:09:01,380
be hidden in some cookies.

104
00:09:01,380 --> 00:09:06,320
But that's why I would ask you to always take care of them.

105
00:09:06,390 --> 00:09:13,490
Okay so this cookie inform us and we'll be all be served by the program so that maybe one of them executed

106
00:09:13,960 --> 00:09:18,520
you can go to start page here or to go on and download this tool.

107
00:09:18,640 --> 00:09:27,000
So this tool you can use it just to verify or to check to make sure that your program which you are

108
00:09:27,000 --> 00:09:32,220
using on your machine has no vulnerabilities related to buffer overflow.

109
00:09:32,340 --> 00:09:36,000
That can be one meter of every protection from buffer overflow.

110
00:09:36,270 --> 00:09:37,320
It's really hard for

111
00:09:45,990 --> 00:09:53,820
so the last part is that so you can always keep checking your log files so that if ever any kind of

112
00:09:53,940 --> 00:10:01,260
attack has been happening on your system by doing so then finally you really get the information and

113
00:10:01,260 --> 00:10:07,350
then by getting those does that information you would control that.

114
00:10:07,530 --> 00:10:15,260
What about the reason why it made me to have this kind of attack.

115
00:10:15,450 --> 00:10:23,940
If you get all these information in apparent over and so you can complete the qualities and then you

116
00:10:23,940 --> 00:10:34,500
can maintain the security level at the top because not only you know that something went wrong but you

117
00:10:34,500 --> 00:10:38,210
know the reason that that thing went well.

118
00:10:38,310 --> 00:10:39,560
This is really important.

119
00:10:39,560 --> 00:10:40,420
Cybersecurity.

120
00:10:40,420 --> 00:10:40,890
Oh yeah.

121
00:10:41,310 --> 00:10:46,280
Because it says that when you get to know a problem.

122
00:10:46,290 --> 00:10:54,300
So even if that problem is not solved yet but it's solved in half because you already and because you

123
00:10:54,300 --> 00:10:55,820
already know the problem.

124
00:10:55,950 --> 00:11:03,720
So when if you know a problem it's you are in a way of solving it.

125
00:11:04,990 --> 00:11:14,170
Okay now let's give a report of how to yes product position with NX, non-execute bit, and XD, the execution

126
00:11:14,180 --> 00:11:15,760
disable features.

127
00:11:15,790 --> 00:11:18,630
It is a technology used in CPU.

128
00:11:18,630 --> 00:11:21,320
It used to be you is already is right.

129
00:11:21,320 --> 00:11:32,170
Did you enjoy any of your computer for storing that or for enabling your computer to run smoothly without

130
00:11:32,590 --> 00:11:34,280
any kind of problem.

131
00:11:34,290 --> 00:11:34,690
No.

132
00:11:34,810 --> 00:11:39,020
So if your CPU is too high.

133
00:11:39,320 --> 00:11:43,630
So your computer might get freezing. In some next videos.

134
00:11:43,750 --> 00:11:52,120
We will of course show you how to distribution attack on a distributed denial of service can make your

135
00:11:52,240 --> 00:11:53,920
computer be P.C.

136
00:11:54,200 --> 00:12:02,560
So as always we have to take care of our CPU, need to know how the fluctuation is it, all right.

137
00:12:03,580 --> 00:12:09,310
In this part of this video that we really think that we we try to show you.

138
00:12:09,430 --> 00:12:13,590
What does that mean before overthrowing for over a.

139
00:12:13,720 --> 00:12:22,150
And then how it works, how the attack might get current on your system and tell me how to prevent yourself.

140
00:12:22,180 --> 00:12:24,820
So we are very down to having you.

141
00:12:24,820 --> 00:12:27,630
We are happy to explain you all these guys.

142
00:12:27,810 --> 00:12:29,860
So see you in the next video.

143
00:12:29,860 --> 00:12:30,340
Thank you.