Build a Website

Cancelled  Posted 7 years ago  Paid on delivery

Part 1: Understanding Buffer Overflow (20 Points)

Note: For this task, you may use online resources to show a program with these vulnerabilities, but please cite these online sources. The diagrams should be your own (not copied from the online resources).

Stack buffer overflow: Write a testing program (not sort.c from task 2) that contains a stack buffer overflow vulnerability. Show what the stack layout looks like and explain how to exploit it. In particular, please include in your diagram: (1) the order of parameters (if applicable), return address, saved registers (if applicable), and local variable(s), (2) their sizes in bytes, (3) size of the overflowing buffer to reach return address, and (4) the overflow direction in the stack. You are not required to write the real exploit code, but you may want to use some figures to make your description clear and concise.

Deliverable: a PDF file containing your vulnerable programs (paste your code into the PDF directly) and your explanations.

Part 2: Exploiting Buffer Overflow (60 points)

The attached C code (sort.c) contains a stack buffer overflow vulnerability. Please write an exploit (by modifying [url removed, login to view]) to open a shell on Linux. The high-level idea is to overwrite the return address with the address of function system(), and pass the parameter “sh” to this function. Once the return instruction is executed, this function will be called to open a shell.

We have provided you with a virtual machine image for this project. We do not recommend you use your own VM image.

Steps:

1. Import the .OVA file to VirtualBox. Username: ubuntu Password: 123456

2. Compile the provided C code (which you will be exploiting): gcc sort.c -o sort -fno-stack-protector.

3. To run this program, put some hexadecimal integers in the file: [url removed, login to view], and execute sort by: ./sort [url removed, login to view]

4. When you put a very long list of integers in [url removed, login to view], you will notice sort crashes with a memory segfault; this is because the return address has been overwritten by your data.

5. Now you can craft your shellcode in data.txt. Again, your goal is to overwrite the return address with the address of function “system()” and pass it with the address of string “sh”. Do not use environment variables to store these addresses and then access those environment variables. Use the library addresses of “system()” and “sh” explicitly. GDB can be used to find these library addresses and test/debug your exploit. However, it should be noted that your final exploit (i.e., the final version of your [url removed, login to view]) should work outside of GDB. Just running “./sort [url removed, login to view]” should spawn a shell for you.

6. Provide a screenshot of you exploiting sort.

7. Have fun.

Deliverables: the [url removed, login to view] file you craft and a screenshot of the exploit. The screenshot should be put into the PDF file (the same from task1).
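
A defensive counterpart to step 4, added here as an example and not part of the assignment or its sort.c (which this page does not show): assuming the program reads whitespace-separated hexadecimal integers from a file into a fixed-size stack array, this reader stops at the array's capacity instead of writing on toward the saved return address. The names read_hex_values, load_text and MAX_VALUES are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_VALUES 8   /* assumed capacity of the fixed-size stack array */

/* Reads whitespace-separated hex integers from fp into out[0..cap-1].
 * Returns 0 on success, -1 if the input holds more than cap values,
 * -2 on a malformed, over-long or out-of-range token. Never writes past cap. */
int read_hex_values(FILE *fp, unsigned long *out, size_t cap, size_t *count)
{
    char tok[32];
    *count = 0;
    while (fscanf(fp, "%31s", tok) == 1) {      /* width bounds the token buffer */
        char *end;
        if (strlen(tok) == sizeof tok - 1 || tok[0] == '-')
            return -2;                          /* possibly truncated, or negative */
        if (*count == cap)
            return -1;                          /* refuse before an out-of-bounds store */
        errno = 0;
        unsigned long v = strtoul(tok, &end, 16);
        if (end == tok || *end != '\0' || errno == ERANGE)
            return -2;                          /* not a complete in-range hex number */
        out[(*count)++] = v;
    }
    return 0;
}

/* Demonstration helper: runs the reader over constructed text via a temp file. */
int load_text(const char *text, unsigned long *out, size_t cap, size_t *count)
{
    FILE *fp = tmpfile();
    if (fp == NULL) return -3;
    fputs(text, fp);
    rewind(fp);
    int rc = read_hex_values(fp, out, cap, count);
    fclose(fp);
    return rc;
}

int main(void)
{
    unsigned long values[MAX_VALUES];
    size_t n;
    /* Constructed input: nine values offered to an eight-slot array. */
    int rc = load_text("1 2 3 4 5 6 7 8 9", values, MAX_VALUES, &n);
    printf("rc=%d stored=%zu\n", rc, n);
    return 0;
}
```

Building without -fno-stack-protector adds a stack canary as a second layer, but the bounds check is what removes the overflow itself.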

Part 3: Open Question (20 Points)

First, if you are not familiar with code reuse attacks, please read the following papers:

1. The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86)

2. On the Effectiveness of Address-Space Randomization

3. Code-pointer Integrity

4. Control-Flow Bending: On the Effectiveness of Control-Flow Integrity

5. ASLR-Guard: Stopping Address Space Leakage for Code Reuse Attacks

Two general directions for mitigating code reuse attacks are code diversification and control flow integrity. Interestingly, both directions have their own limitations, and have been shown to be still vulnerable.

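Graphic Design HTML PHP Website Design

Project ID: #13043512

About the project

15 proposals  Remote project  Active 7 years ago

15 freelancers are bidding on this job, at an average of $251/hour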

alpha2alpha

Hi sir, I have read your description and I am interested in your project. Spare me some time that we can speak about project. Waiting for your positive response. Thank you. Portfolio link: [login to view URL]

$200 USD in 3 days
(21 reviews)
5.6
pinaliv

5 Reasons why you should hire me for your custom website and Application Development. 1. Available 24/7 upon your request 2. Delivery on-time with 100% satisfaction 3. Always think beyond boundaries and provide user

$200 USD in 15 days
(22 reviews)
4.9
HelloWebStar

I'm available to discuss more on your project, I will provide 24/7 support and quick response guaranteed! So feel free to contact me at any time! If you need any further information, please feel free to contact me.

$250 USD in 3 days
(2 reviews)
3.0
DishankInfotech

Dear Client, Hope you are having a wonderful day!! We have read your requirement carefully and we have understood all the things that you have mentioned. You will be glad to know that we have extensive experti

$250 USD in 3 days
(0 reviews)
0.0