Project 9 (Buffer Overflow)

Objectives

  • Continue your learning about buffer overflow attacks from Lab 8

I used a collection of files based on materials found in Jon Erickson's The Art of Exploitation. Visit the following page for hints on using gdb and perl, and then try a range of options to change to flow control for a program.

  • Complete Sections D and E in the Resources File
    • First, from the commend line, inject shell code on the stack and cause it to execute. You may need to use a NOP sled.
    • Second, place your shellcode in an environment variable. You may need a NOP sled. Then smash the stack and cause that shellcode to execute.
    • For both sections, take a screenshot of your results and submit it to LearningSuite. Use a filename to make it clear which is part D and which is part E.

For Winter 2017 - Section E is optional, and can be done for extra credit.

cs-465/project-9-buffer-overflow.txt · Last modified: 2017/03/22 15:08 by fred
Back to top
CC Attribution-Share Alike 4.0 International
chimeric.de = chi`s home Valid CSS Driven by DokuWiki do yourself a favour and use a real browser - get firefox!! Recent changes RSS feed Valid XHTML 1.0