Lesson Plan Title: How to Exploit "Off-by-One" Buffer Overflow Vulnerabilities

Concept / Topic To Teach:

How to Exploit a Web Based "Off-by-One" Buffer Overflow.

How the attack works:

Despite being more rare, buffer overflow vulnerabilities on the web occur when a tier of the application has insufficient memory allocated to deal with the data submitted by the user. Typically, such a tier would be written in C or a similar language. For the particular subset, namely, off-by-one overflows, this lesson focuses on the consequences of being able to overwrite the position for the trailing null byte. As a result, further information is returned back to the user, due to the fact that no null byte was found.

Lesson Goal(s):

Welcome to the OWASP Hotel! Can you find out which room a VIP guest is staying in?

* Understand how a buffer overflow vulnerability can be triggered on a web application.
* Understand what type of value lengths are likely to trigger a buffer overflow.