Let's study a worm!
The Ramen Worm
...
Guess how does it exploit and propagate to other systems?
FORMAT STRING VULNERABILITIES!
#include <stdio.h>
void function(char *user) {
printf(user);
}
The behaviour of the format function is controlled by the format string. The function retrieves the parameters requested by the format string from the stack
So what is the stack anyway?
Stack is used largely during a function call but depending on the language and level of programming it may be used to temporarily store processor register data or other variables.
{
char buffer[512];
snprintf (buffer, sizeof (buffer), user);
buffer[sizeof (buffer) - 1] = ’\0’;
}
{
char buffer[512];
snprintf (buffer, sizeof (buffer), user);
buffer[sizeof (buffer) - 1] = ’\0’;
}