Module Buffer Types

beSTORM's various predefined modules have their own built-in Buffer Types. These Buffer Types are used by beSTORM whenever it tests the buffers found inside the module. Each of the Buffer Types checks for different types of vulnerabilities.

For example, the Repeated A buffer type attempts to trigger an exception that is usually associated with Buffer Overflows or Heap Overflows, while the Bigger Smaller buffer type attempts to trigger exceptions related to email address (SMTP) or hostname designators (SIP).

The settings of each buffer type are configurable, and you can add additional types to the existing set of buffer types. Buffer Types have several behavioral aspects, they can be either be buffer generating (that is, they generate a buffer that increases in length), or number generating (that is, their value increases).

In addition, each Buffer Type can have other behavioral aspects such as decimal (that is, the value is represented as a number between 1 and 4,294,967,296), as a binary value (that is, the value is represented by the byte value between 0x00000000 and 0xFFFFFFFF), or a hexadecimal value (that is, the value is represented by the string representation between 0 and FFFFFFFF). Further, a buffer type's behavior is extendable by limiting its range or even adding additional encoding to it, such as in the case of Base64, in accordance with the Base64 encoding standard, and URL encoding, where we convert such characters as % to %25.

Related Topics