如何利用整数溢出? [英] How is integer overflow exploitable?

问题描述

有没有人详细解释如何利用整数?我已经阅读了很多关于这个概念的内容，我了解它是什么，我了解缓冲区溢出，但我不明白如何通过使整数大于它定义的内存....

Does anyone have a detailed explanation on how integers can be exploited? I have been reading a lot about the concept, and I understand what an it is, and I understand buffer overflows, but I dont understand how one could modify memory reliably, or in a way to modify application flow, by making an integer larger than its defined memory....

推荐答案

它肯定是可以利用的，但当然要视情况而定.

It is definitely exploitable, but depends on the situation of course.

旧版本的 ssh 有一个整数溢出，可以被远程利用.该漏洞导致 ssh 守护进程创建一个大小为零的哈希表，并在尝试在其中存储一些值时覆盖内存.

Old versions ssh had an integer overflow which could be exploited remotely. The exploit caused the ssh daemon to create a hashtable of size zero and overwrite memory when it tried to store some values in there.

有关 ssh 整数溢出的更多详细信息:http://www.kb.cert.org/vuls/id/945216

More details on the ssh integer overflow: http://www.kb.cert.org/vuls/id/945216

关于整数溢出的更多细节:http://projects.webappsec.org/w/page/13246946/Integer%20Overflows

More details on integer overflow: http://projects.webappsec.org/w/page/13246946/Integer%20Overflows

这篇关于如何利用整数溢出?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！