Build a Website


Part 1: Understanding Buffer Overflow (20 Points)

Note: For this task, you may use online resources to show a program with these vulnerabilities, but please cite these online sources. The diagrams should be your own (not copied from the online resources).

Stack buffer overflow: Write a testing program (not sort.c from task 2) that contains a stack buffer overflow vulnerability. Show what the stack layout looks like and explain how to exploit it. In particular, please include in your diagram: (1) The order of parameters (if applicable), return address, saved registers (if applicable), and local variable(s), (2) their sizes in bytes, (3) size of the overflowing buffer to reach return address, and (4) the overflow direction in the stack. You are not required to write the real exploit code, but you may want to use some figures to make your description clear and concise.

Deliverable: a pdf file containing your vulnerable programs (paste your code into the pdf directly) and your explanations.

Part 2: Exploiting Buffer Overflow (60 points)

The attached C code (sort.c) contains a stack buffer overflow vulnerability. Please write an exploit (by modifying [url removed, login to view]) to open a shell on Linux. The high level idea is to overwrite the return address with the address of function system(), and pass the parameter “sh” to this function. Once the return instruction is executed, this function will be called to open a shell.

We have provided you with a virtual machine image for this project. We do not recommend you use your own VM image.

Steps:

1. Import the .OVA file to VirtualBox. Username: ubuntu Password: 123456

2. Compile the provided C code (which you will be exploiting): gcc sort.c -o sort -fno-stack-protector.

3. To run this program, put some hexadecimal integers in the file: [url removed, login to view], and execute sort by: ./sort [url removed, login to view]

4. When you put a very long list of integers in [url removed, login to view], you will notice sort crashes with memory segfault; this is because the return address has been overwritten by your data.

5. Now you can craft your shellcode in data.txt. Again, your goal is to overwrite the return address with the address of function “system()” and pass it with the address of string “sh”. Do not use environment variables to store these addresses and then access those environment variables. Use the library addresses of “system()” and “sh” explicitly. GDB can be used to find these library addresses and test/debug your exploit. However, it should be noted that your final exploit (i.e., the final version of your [url removed, login to view]) should work outside of GDB. Just running “./sort [url removed, login to view]” should spawn a shell for you.

6. Provide a screenshot of you exploiting sort.

7. Have fun.

Deliverables: the [url removed, login to view] file you craft and a screenshot of the exploit. The screenshot should be put into the PDF file (the same from task 1).

Part 3: Open Question (20 Points)

First, if you are not familiar with code reuse attacks, please read the following papers:

1. The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86)

2. On the Effectiveness of Address-Space Randomization

3. Code-pointer Integrity

4. Control-Flow Bending: On the Effectiveness of Control-Flow Integrity

5. ASLR-Guard: Stopping Address Space Leakage for Code Reuse Attacks

Two general directions of mitigating code reuse attacks are code diversification and control flow integrity. Interestingly, both directions have their own limitations, and have been shown to be still vulnerable.

Graphic Design HTML PHP Web Design

Project ID: #13043512

About the project

15 bids Remote project Last activity 7 years ago

15 freelancers are ready to do this work for an average of $251

alpha2alpha

Hi sir, I have read your description and I am interested in your project. Spare me some time so that we can speak about the project. Waiting for your positive response. Thank you. Portfolio link: [login to view URL]

$200 USD in 3 days
(21 reviews)
5.6
pinaliv

5 Reasons why you should hire me for your custom website and Application Development. 1. Available 24/7 upon your request 2. Delivery on-time with 100% satisfaction 3. Always think beyond boundaries and provide user

$200 USD in 15 days
(22 reviews)
4.9
HelloWebStar

I'm available to discuss more on your project, I will provide 24/7 support and quick response guaranteed! So feel free to contact me at any time! If you need any further information, please feel free to contact me.

$250 USD in 3 days
(2 reviews)
3.0
DishankInfotech

Dear Client, Hope you are having a wonderful day !! We have read your requirement carefully and we have understood all the things that you have mentioned. You will be glad to know that we have extensive experti

$250 USD in 3 days
(0 reviews)
0.0