adplus-dvertising
frame-decoration

Question

How can an attacker defeat stack checking?

a.

By overwriting the area in the stack where parameters were passed to the function

b.

By using a specially crafted buffer to overwrite the memory address used for returning values to the caller

c.

By figuring out an address to write to in memory that would allow them to run their own code before the process is terminated by the stack-checking code

d.

All of the above

Posted under Reverse Engineering

Answer: (d).All of the above Explanation:Attackers can defeat stack checking by overwriting the area in the stack where parameters were passed to the function, using a specially crafted buffer to overwrite the memory address used for returning values to the caller, and figuring out an address to write to in memory that would allow them to run their own code before the process is terminated by the stack-checking code.

Engage with the Community - Add Your Comment

Confused About the Answer? Ask for Details Here.

Know the Explanation? Add it Here.

Q. How can an attacker defeat stack checking?

Similar Questions

Discover Related MCQs

Q. What is nonexecutable memory?

Q. Which processors provide support for nonexecutable memory?

Q. Which operating systems support nonexecutable memory?

Q. Does nonexecutable memory completely eliminate the problem of buffer overflow attacks?

Q. What is the most popular strategy for attackers to overcome the hurdles imposed by nonexecutable memory systems?

Q. Which option is used for returning values to the caller in functions?

Q. Which type of vulnerability is required for an attacker to exploit the buffer overflow bug?

Q. What is the purpose of stack-checking mechanisms embedded into programs?

Q. What is a heap overflow?

Q. How does a heap overflow attack work?

Q. How are heaps arranged?

Q. What causes the program to crash in a heap overflow attack?

Q. How can attackers take advantage of the heap's linked-list structure?

Q. Why are heap overflows less common than stack overflows?

Q. What is the most common example of overflow attacks?

Q. What is the risk of using the strcpy function?

Q. What are heap overflows and why are they less common than stack overflows?

Q. What is the most common example of string-related overflow attacks?

Q. What happens if an attacker's string is internally converted into Unicode before it reaches the vulnerable function?

Q. What are integer overflows?