Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
cs-465:project-8-buffer-overflow [2017/11/12 00:03]
seamons
cs-465:project-8-buffer-overflow [2017/11/12 00:10] (current)
seamons
Line 12: Line 12:
 For tips on how to use GDB, [https://​gist.github.com/​ThaWeatherman/​6912322 here] is a document detailing some of the more useful and important commands. Ignore the comments on the Bomb lab: it may become a lab later in the semester but you don't have to worry about it now. For tips on how to use GDB, [https://​gist.github.com/​ThaWeatherman/​6912322 here] is a document detailing some of the more useful and important commands. Ignore the comments on the Bomb lab: it may become a lab later in the semester but you don't have to worry about it now.
  
-== Part 1 ==+== Part 1 - This is now HW 11a ==
  
 This part is intended to introduce you to the debugger, understand how to examine and update memory locations using a debugger, and gain experience with how the runtime stack is organized. A helpful way to start is to watch an [http://​youtu.be/​RF7DF4kfs1E introductory video] on buffer overflow attacks. This part is intended to introduce you to the debugger, understand how to examine and update memory locations using a debugger, and gain experience with how the runtime stack is organized. A helpful way to start is to watch an [http://​youtu.be/​RF7DF4kfs1E introductory video] on buffer overflow attacks.
Line 26: Line 26:
 * Compile the program with the -m32 compiler option. We will use a 32-bit program for simplicity. * Compile the program with the -m32 compiler option. We will use a 32-bit program for simplicity.
  
 +* [http://​tinyurl.com/​9uh458s Buffer Overflow Resources] This is used in part 2, but there are some helpful gdb commands at the start of the file.
 +
 +* compile with -g and -m32 options to give you debugging info
  
 == Part 2 == == Part 2 ==
  
-I used a collection of files based on materials found in Jon Erickson'​s The Art of Exploitation. Visit the following page for hints on using gdb and perl, and then try a range of options to change ​to flow control for a program.+I used a collection of files based on materials found in Jon Erickson'​s The Art of Exploitation. Visit the following page for hints on using gdb and perl, and then try a range of options to change ​the flow control for a program.
 * [http://​tinyurl.com/​9uh458s Buffer Overflow Resources] * [http://​tinyurl.com/​9uh458s Buffer Overflow Resources]
-* Complete Sections A, B, C in the Resources File+* Complete Sections A, B, C, and D in the Resources File
 ** Section C - From the command line, gain access to the program without providing a legitimate password. ** Section C - From the command line, gain access to the program without providing a legitimate password.
 ** Take a screen shot of your result for Section C and submit that to Learning Suite. ** Take a screen shot of your result for Section C and submit that to Learning Suite.
 +** Section D - From the command line, submit shell code to launch your own shell
 +** Take a screen shot of your result for Section D and submit that to Learning Suite.
  
  
-=Extra Credit Options= 
- 
-== Option 3 == 
- 
-The most recent CS 360 course now includes a project on buffer overflow attacks. This is based on a lab developed at Syracuse. You may complete that lab and submit the result for Project 8. 
-* Link to [http://​ilab.cs.byu.edu/​cs360/​2012s/​assignments/​lab5.html CS360 Buffer Overflow Lab] 
-* As in option 1, you'll need a [http://​students.cs.byu.edu/​~cs465ta/​fall2014/​bufferOverflow/​option2.tgz precompiled version] 
- 
- 
-== Option 4 (NOT AVAILABLE - Now Extra Credit Lab)== 
- 
-For this option you can practice your buffer overflow skills against the Carnegie Mellon buflab. This lab is a part of EE 324 as well. Currently we do not have a project description posted. However the one for EE 324 is [http://​ece324web.groups.et.byu.net/​Labs/​buflab/​buflab.pdf here] and it is the same as what you will be doing here. However please note that you cannot work in teams, despite what that spec says. For your cookie provide your NetID. This lab can only be done on CS lab machines (not SPICE machines like the spec says). You can SSH into them if you don't want to go into the labs.  
- 
-Get your bomb [http://​bombs.sebulba.cs.byu.edu/​bombs here]. See the results board [http://​bombs.sebulba.cs.byu.edu/​scoreboard here]. 
- 
- 
-== Option 5 == 
- 
-Find resources on the web to help you develop your own shell code and perform a stack smashing attack with your own shellcode instead of taking existing shellcode and using it without understanding what it does. 
- 
- 
-== Option 6 == 
- 
-Choose a compiler and O/S and reverse engineer the canary-based stack protection to learn how it works. How does it compare to the canary alternatives we discuessed in class? Demonstrate how it works to detect a stack-smashing attack. 
- 
- 
-== Option 7 == 
  
-Learn about format string vulnerabilities and demonstrate how they work. 
  
cs-465/project-8-buffer-overflow.txt ยท Last modified: 2017/11/12 00:10 by seamons
Back to top
CC Attribution-Share Alike 4.0 International
chimeric.de = chi`s home Valid CSS Driven by DokuWiki do yourself a favour and use a real browser - get firefox!! Recent changes RSS feed Valid XHTML 1.0