312-50V11 · Question #223
What is the code written for?
The correct answer is A. Buffer Overflow. The code is written to exploit a buffer overflow vulnerability by writing data beyond a buffer's allocated boundary to overwrite adjacent memory and hijack execution flow.
Question
What is the code written for?
Exhibit
Options
- ABuffer Overflow
- BEncryption
- CDenial-of-service (DoS)
- DBruteforce
How the community answered
(37 responses)- A73% (27)
- B11% (4)
- C14% (5)
- D3% (1)
Why each option
The code is written to exploit a buffer overflow vulnerability by writing data beyond a buffer's allocated boundary to overwrite adjacent memory and hijack execution flow.
Buffer overflow exploit code works by supplying input larger than a fixed-size buffer can hold, overflowing into adjacent memory regions such as the return address or saved instruction pointer. This allows an attacker to redirect program execution to attacker-controlled shellcode or a desired memory location. Characteristic indicators in such code include oversized input strings, unbounded memory copy operations (e.g., strcpy, gets), and direct memory address manipulation.
Encryption code applies cryptographic algorithms such as AES or XOR with a key to transform plaintext into ciphertext, which involves key scheduling and mathematical transformations - not memory buffer manipulation.
Denial-of-service code is designed to exhaust resources or flood a service with requests to cause unavailability, not to overwrite memory to redirect code execution.
Bruteforce code systematically iterates through credential or key combinations using loops and comparison logic, not memory buffer writes or address manipulation.
Concept tested: Buffer overflow exploit code identification and characteristics
Source: https://owasp.org/www-community/vulnerabilities/Buffer_Overflow
Topics
Community Discussion
No community discussion yet for this question.
