- Forum
- General C++ Programming
- C++ program vunerablilities
C++ program vunerablilities
It recently crossed my mind how people go about exploiting c++ programs. Im not exactly asking for a tutorial so I can go and cause harm to programs or manipulate them to do bad things. It just got me wondering how people find such exploits and execute them, do they write conflicting code that can override or change the program? Do they have tools to break the program down? I guess in a way it is similar to hacking whether it be a client program or a program that uses networks. Surely to be able to combat the techniques people use, you will have to have a basic understanding of how they do it.
Well, I am not so sure of this myself, so I will do what I like to do best: speculate!
We'll use game mods for an example. When you look into the game's directory, you find a bunch of .dlls and such. My guess is that they just open the .dll and get the code from there.
As for hackers... Hmm.. Big guess here, probably wrong, but I assume they get access (remotely, obviously) to the computer that the program is built on and get into the program files from there, then build the new version, then release the hacked version in an update or something...
The first one is more realistic... but the latter... a little bit far fetched....
We'll use game mods for an example. When you look into the game's directory, you find a bunch of .dlls and such. My guess is that they just open the .dll and get the code from there.
As for hackers... Hmm.. Big guess here, probably wrong, but I assume they get access (remotely, obviously) to the computer that the program is built on and get into the program files from there, then build the new version, then release the hacked version in an update or something...
The first one is more realistic... but the latter... a little bit far fetched....
> Surely to be able to combat the techniques people use,
> you will have to have a basic understanding of how they do it.
Yes.
These articles (articles under sections 'Exploit Writing Tutorials', 'Exploits', '001_Security') may help you get started with understanding exploits: https://www.corelan.be/index.php/articles/
Re. writing C++ programs in a way that avoids/minimises vulnerabilities:
http://www.amazon.com/Secure-Coding-Edition-Software-Engineering/dp/0321822137
http://www.amazon.com/dp/0596003943
https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=637
> you will have to have a basic understanding of how they do it.
Yes.
These articles (articles under sections 'Exploit Writing Tutorials', 'Exploits', '001_Security') may help you get started with understanding exploits: https://www.corelan.be/index.php/articles/
Re. writing C++ programs in a way that avoids/minimises vulnerabilities:
http://www.amazon.com/Secure-Coding-Edition-Software-Engineering/dp/0321822137
http://www.amazon.com/dp/0596003943
https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=637
Last edited on
Thank you, this is brilliant. It always intrigued me how these things were possible, although when working with code, things like this are clearly possible and it always crossed my mind how I would combat these things should I create something that would need to be protected one day.
Topic archived. No new replies allowed.