1. Write a testing program (not sort.c from task 2) that contains a stack buffer
overflow vulnerability. Show what the stack layout looks like and explain how to
exploit it. In particular, please include in your diagram: (1) The order of parameters (if
applicable), return address, saved registers (if applicable), and local variable(s), (2) their
sizes in bytes, (3) size of the overflowing buffer to reach return address, and (4) the
overflow direction in the stack (5) What locations within the stack are actually
overwritten with your target data to exploit a stack to cause the routine you want to
execute to be invoked?
You are not required to write the real exploit code, but you may want to use some
figures to make your description clear and concise.
2. Write a testing program that contains a heap buffer overflow vulnerability.
Show what the heap layout looks like and explain how to exploit it. In particular, please
include in your diagram: (1) each chunk of memory allocated by malloc(), (2) their
sizes in bytes, (3) metadata of heap as it gets overwritten, (4) the sizes of this metadata
in bytes, and (5) which metadata get overwritten and how the attacker controls which
value can get written to any arbitrary location in memory.
Address the data structure implemented in a heap memory. How are allocated and nonallocated
chunks structured? Is heap memory contiguous within memory architecture?
Again, you do not need to write and test the real exploit code, but you may want to use
some figures to make your description
clear and concise.
版权所有:编程辅导网 2021 All Rights Reserved 联系方式:QQ:99515681 微信:codinghelp 电子信箱:99515681@qq.com
免责声明:本站部分内容从网络整理而来,只供参考!如有版权问题可联系本站删除。
