Is it possible that an attacker puts machine code on a TCP packet? In a way that before passing to the CPU and getting an error that such a function doesn't exist on the application, it first needs to pass through the RAM, and when it's in the RAM (electrical signals), it executes the code?
1 Answer
The payload of a TCP packet are just data without any inherent meaning from the perspective of the network protocol. Any meaning, like being executable code, being an image or whatever, depends on what is processing these data.
This means an application receiving the data might explicitly be designed to interpret these data as executable code and run it. But the application might also have a security bug which leads to unintended code execution - for example if the application expects image data but is confronted with deliberately corrupted image data (like in the recent libwebp vulnerability.
-
But when data is received by the NIC in a computer, it then converts it into digital code or packets, and then passes through the RAM19216811– 192168112023-09-23 19:47:37 +00:00Commented Sep 23, 2023 at 19:47
-
1@AndyCrypto: In the RAM are data and code. The packet are treated as data, not code. This means they get not executed, unless explicitly intended or due to security problems. This is no different to files, pixels on the screen etc.Steffen Ullrich– Steffen Ullrich2023-09-23 20:08:42 +00:00Commented Sep 23, 2023 at 20:08
-
But then, if they are treated as data, you could technically modulate a radio wave so that when converted into electrical signals by the NIC, you could provoke some bit flips or something like that in RAM, just maybe19216811– 192168112023-09-23 20:50:21 +00:00Commented Sep 23, 2023 at 20:50
-
2@AndyCrypto: Just because some bits gets flipped the data do not get executed. They are still treated as data and not code - only corrupted data. Likely they get simply discarded because of this corruption.Steffen Ullrich– Steffen Ullrich2023-09-23 21:17:09 +00:00Commented Sep 23, 2023 at 21:17