Buffer Overflow Lesson Idea
Closed this issue · 1 comments
GoogleCodeExporter commented
It seems that no one can come up with the idea on how to implement Buffer
Overflow on java platform for WebGoat lesson.
I also couldn't think it. Now I've got an idea.
My proposed idea is indirect means of executing BO.
Write a simple C HTTP server program that accepts GET request with
unchecked validation on variables.
BO lesson will have allowed commands to send to this sever program.
Then, we trigger Buffer Overflow via malicious GET request.
Upon the server crash/stop or successfully executing system commands, the
lesson is marked as completed.
Original issue reported on code.google.com by yehg.net
on 3 May 2010 at 4:32
GoogleCodeExporter commented
Buffer overflow lesson was added in 5.4. I am open to having you build a
lesson from your comments.
Original comment by mayhe...@gmail.com
on 23 Apr 2012 at 1:27
- Changed state: Fixed