BUILDS Project: Buffer Overflows in gsubmit

buildscc | 20 Apr 2010 | | news

In mid February, BUILDS found a Buffer Overflow exploit in gsubmit, an assignment submission tool actively used in the Boston University Computer Science Department. Upon discovering the vulnerability and authoring a proof of concept exploit, the CS Department and Lab Administrators were made aware of the problem. A new version of gsubmit which fixed these problems was installed on March 19, 2010, the day that BUILDS presented a poster and demo on this topic at the BU Computer Science Research Open House.

In the course of this project, work started on developing a tool that can statically analyze an ELF binary object for potential security vulnerabilities. Dubbed “Low Hanging Fruit”, this tool aims to discover possible problems in the binary, such as unchecked buffers, potentially dangerous library calls (such as the system() function), format string exploit attack vectors, etc. Development is ongoing, using the libelf and libdisasm libraries.

Submitted poster (with a full writeup of the hack)

Project contact: Kyle Brogle broglekATbuDOTedu


Older · View Archive (146)

BUILDS Security: Buffer Overflows in gsubmit

BUILDS Security: Buffer Overflows in gsubmit

In mid February, BUILDS found a Buffer Overflow exploit in gsubmit, an assignment submission tool actively used in the Boston University Computer Science Department. Upon discovering the vulnerability and authoring a proof of concept exploit, the CS Department and Lab Administrators were made aware of the problem. A new version of gsubmit which fixed these problems was installed on March 19, 2010, the day that BUILDS presented a poster and demo on this topic at the BU Computer Science Research Open House [1].

Paper

Low Hanging Fruit

In the course of this project, work started on developing a tool that can statically analyze an ELF binary object for potential security vulnerabilities. Dubbed “Low Hanging Fruit”, this tool aims to discover possible problems in the binary, such as unchecked buffers, potentially dangerous library calls (such as the system() function), format string exploit attack vectors, etc. Development is ongoing, using the libelf and libdisasm libraries.

Future Work

  • Continue development of Low-Hanging Fruit
  • Use the vulnerable version of gsubmit as a tool to experiment with defeating different methods of Linux and gcc security.
  • Possibly adapt a more generalized version of our research for presentation to a wider audience.

Newer

BUILDS in the News

Since our inception at the beginning of this year, BUILDS has appeared regularly in student news outlets and in the official university press, BU Today. Check out what the 4th Estate has to say about our space:

BU Today Article – “A Place to Hack or Just Hang”

http://www.bu.edu/today/node/10468

A great article that goes a bit more in-depth about the philosophy and inner-mechanics of the BUILDS hackerspace.

Daily Free Press Article – “‘Hacker Space’ Invites Free Creativity, Collaboration…”

http://bit.ly/budfp

A great article from the DFP about the BUILDS Open House – slash- hackerspace unveiling last January.

Daily Free Press Article – “ID Numbers Found Online Raise Student Concern”

http://bit.ly/buidcards

An article introducing the BU ID Audit Project. Also, a great example of why it’s important to edit your robots.txt file when working on a sensitive security audit over mediawiki