Question

In: Computer Science

Write a testing program (not sort.c from task 2) that contains a stack buffer overflow vulnerability....

Write a testing program (not sort.c from task 2) that contains a stack buffer overflow vulnerability. Show what the stack layout looks like and explain how to exploit it. In particular, please include in your diagram: (1) The order of parameters (if applicable), return address, saved registers (if applicable), and local variable(s), (2) their sizes in bytes, (3) size of the overflowing buffer to reach return address, and (4) the overflow direction in the stack (5) What locations within the stack are actually overwritten with your target data to exploit a stack to cause the routine you want to execute to be invoked? You are not required to write the real exploit code, but you may want to use some figures to make your description clear and concise.

Solutions

Expert Solution

Raw Copyable Code:

//header files
#include <stdlib.h>
#include <stdio.h>
#include <string.h>

//the test function
void testFunction (char *inString)
{
   char buffer[12];

   /*the below statement will results in a buffer overflow
   problem*/
   strcpy (buffer, inString);
}

//The main
int main()
{
   //the character array
   char *inString = "The string input has size more than 12";

   //call the function
   testFunction (inString);

   //return 0
   return 0;
}


Related Solutions

Windows vulnerability that has been exploited widely, such as the SQL Injection, Buffer Overflow. a) What...
Windows vulnerability that has been exploited widely, such as the SQL Injection, Buffer Overflow. a) What windows vulnerability in SQL Injection is and explain with references? b) What windows vulnerability in Buffer Overflow is and explain with references? c) What the weakness windows was and how it was exploited? d) What was the impact to society and economy?
Task 3      Write a program that pushes the first 10 natural numbers to the stack,...
Task 3      Write a program that pushes the first 10 natural numbers to the stack, then pops those numbers. Use the debugger to view how the stack changes after each instruction. Once all the data has been pushed to the stack, take a screenshot of the stack in memory. Task 4     Write a subroutine called “Area” that calculates the area of a rectangle. Use accumulator A and B to pass the length and the width to the function....
The program (​ stack-ptr.c​ ) implements stack using a linked list, however, it contains a race...
The program (​ stack-ptr.c​ ) implements stack using a linked list, however, it contains a race condition and is not appropriate for a concurrent environment. Using Pthreads mutex locks, fix the race condition. For reference, see Section 7.3.1 of SGG book.(Section 7.3.1 is about mutex and semaphores it does explain how to implement I'm just having a hard time finding the race condition within the code) /* * Stack containing race conditions */ #include #include #include typedef int value_t; //...
1.write three methods to exploit buffer overflow and to archive the goal. If local variables are...
1.write three methods to exploit buffer overflow and to archive the goal. If local variables are exploited present all possible approaches. Goal: The goal is to exploit the program to let it print out “CORRECT SERIAL”. Note: A “Segmentation fault” is fine if the program prints out the desired message. C programming
Exercise 3: Stack Write a program in Java to manipulate a Stack List: 1. Create Stack...
Exercise 3: Stack Write a program in Java to manipulate a Stack List: 1. Create Stack List 2. Display the list 3. Create the function isEmply 4. Count the number of nodes 5. Insert a new node in the Stack List. 6. Delete the node in the Stack List. 7. Call all methods above in main method with the following data: Test Data : Input the number of nodes : 4 Input data for node 1 : 5 Input data...
2. Using the Stack ADT: Create a program that uses a stack. Your program should ask...
2. Using the Stack ADT: Create a program that uses a stack. Your program should ask the user to input a few lines of text and then outputs strings in reverse order of entry. In Java please.
Write a java program to reverse element of a stack. For any given word (from input),...
Write a java program to reverse element of a stack. For any given word (from input), insert every character (from the word) into a stack. The output from the stack should be the same as the input. Your program should be using a stack and a queue to complete this process. 1. Push into stack 2. Pop from stack 3. Enqueue into queue 4. Dequeue from queue 5. Push into stack 6. Pop from stack and display java
Write a java class program to convert from INFIX TO POSTFIX Using stack operations
Write a java class program to convert from INFIX TO POSTFIX Using stack operations
Write a program that contains 2 functions. Program will call a function named calc_commission that prompt...
Write a program that contains 2 functions. Program will call a function named calc_commission that prompt the user to enter the sales amount and computes and prints with a description the commission paid to salesperson as follows: 10% for sales amount less than $2,000.00, 15% for sales amount less than $10,000.00 and 20% for sales amount less than $20,000.00, then function calc_commission calls another function name assign_base_salary() to ask the user to enter each of 5 salesperson’s base salary ,...
Hey! I'm stuck with this task from the Princeton course on Coursera. Write a program Minesweeper.java...
Hey! I'm stuck with this task from the Princeton course on Coursera. Write a program Minesweeper.java that takes three integer command-line arguments m, n, and k and prints an m-by-n grid of cells with k mines, using asterisks for mines and integers for the neighboring mine counts (with two space characters between each cell). To do so, Generate an m-by-n grid of cells, with exactly k of the mn cells containing mines, uniformly at random. For each cell not containing...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT