Social Engineering - Christopher Hadnagy [97]
The developer allocated a certain amount of memory space for the User Name field, enough to hold the word admin a couple times. What happens if you put 20 A’s in that field and click OK?
The program crashes and gives you an error message. Why? The input entered is longer than the allocated space and without proper error handling the program throws an exception and crashes.
The goal of software hackers is to find the address that the program will call upon in a crash and insert malicious code at that address. By controlling the execution flow the hacker can tell the program to “execute” any program he desires. He can inject commands of any type into the memory space of that program because he now controls it. As a penetration tester, few things are more exciting than seeing a program execute commands you tell it to.
The human mind runs “software” and over the years you build instruction sets, buffers, and memory lengths into your “software package.”
Before applying this to the human mind, definitions of a few technical terms are necessary. A buffer is an area of space that is given for something to happen or to hold data. As in the simplistic glass-of-water example, the password field is given a buffer, which is the number of characters that it is allowed to have. If more characters than the buffer can hold are entered, the programmer needs to tell the program what to do with the larger-than-necessary data set.
If he doesn’t, the computer crashes and your program shuts down. Often what happens in the background is that the program didn’t know what to do with all the data, so the data overflowed the allocated space, crashed the program, and exited. Hence the term buffer overflow.
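To make the program-side half of this analogy concrete, here is an added example in C that is not from the book: a hypothetical login form with a fixed-size User Name field, the unchecked copy that lets 20 A’s spill past it, and a bounded version that rejects oversize input instead of letting it overflow. The struct, the field size, and the function names are my own assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical login form. The User Name field is sized as the text
 * describes: room for "admin" a couple of times, plus a terminating NUL. */
#define USER_NAME_LEN 12
struct login_form {
    char user_name[USER_NAME_LEN];
    int  is_admin;   /* lives right after the buffer in memory */
};

/* Constructed test input: the 20 A's from the text. */
#define TWENTY_AS "AAAAAAAAAAAAAAAAAAAA"

/* The unchecked copy the text describes. strcpy() stops only at the NUL
 * byte, so input longer than the field is written past its end (undefined
 * behaviour: in practice it clobbers whatever follows, here is_admin). */
void set_user_name_unchecked(struct login_form *f, const char *input)
{
    strcpy(f->user_name, input);
}

/* Hardened version: measure first, reject what does not fit, then copy
 * exactly n bytes and terminate. Returns 0 on success, -1 if too long. */
int set_user_name_checked(struct login_form *f, const char *input)
{
    size_t n = strlen(input);
    if (n >= USER_NAME_LEN)      /* >= leaves no room for the NUL */
        return -1;
    memcpy(f->user_name, input, n);
    f->user_name[n] = '\0';
    return 0;
}

int main(void)
{
    struct login_form f = { "", 0 };

    printf("admin  -> %d\n", set_user_name_checked(&f, "admin"));
    printf("20 A's -> %d (user_name still \"%s\", is_admin %d)\n",
           set_user_name_checked(&f, TWENTY_AS), f.user_name, f.is_admin);
    return 0;
}
```

The checked version is what proper error handling in the text means in practice: the oversize input is refused before any byte leaves the field, so neither the program state nor the execution flow is touched.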
The human mind works in a similar way. Space is allocated for certain datasets. If a certain dataset does not fit the space we have for it, what happens? Unlike a computer, your brain doesn’t crash, but it does open up a momentary gap that allows for a command to be injected so the brain can be told what to do with the extra data.
A human buffer overflow is basically the same principle. The goal is to identify a running “program” and insert codes into that program that will allow you to inject commands and in essence control the movement of thought to a certain direction.
To test this concept, take a look at a very simplistic example (see Figure 5-16).
Because the picture in this book is black and white, I have put a color copy up on the website at www.social-engineer.org/resources/book/HumanBufferOverflow1.jpg.
Here is the gist. Open that URL, and then as fast as you can try to read the color of the word, not what the word spells.
Figure 5-16: Human buffer overflow experiment 1.
This game is not as easy as it looks. If you successfully get through it, then try to do the exercise faster and faster. What will happen to most, if not all, of us is that at least once you will read the word and not the color, or find yourself struggling through it.
Why do we have such a hard time with this exercise? It is because of injected commands. Our brains want to read the words, not the colors. It is the way the human mind is wired. Our brain sees the color, but it reacts to the word being spelled first. Therefore, the thought in our minds is the word, not the color. This exercise shows that it is possible to have “code” execute in the human brain that is the opposite of what the person is thinking or seeing.
Setting the Ground Rules
In a paper entitled “Modification of Audible and Visual Speech” (www.prometheus-inc.com/asi/multimedia1998/papers/covell.pdf), researchers Michele Covell, Malcolm Slaney, Christoph Bregler, and Margaret Withgott state that scientists have proven that people speak 150 words per minute but think at 500–600 words per minute. This means that most people you talk to can jump around your conversations in their heads. So overflowing the brain through fast speech seems almost impossible.
You must also understand how people make decisions