1. Write a testing program (not sort.c from task 2) that contains a stack buffer
overflow vulnerability. Show what the stack layout looks like and explain how to
exploit it. In particular, please include in your diagram: (1) The order of parameters (if
applicable), return address, saved registers (if applicable), and local variable(s), (2) their
sizes in bytes, (3) size of the overflowing buffer to reach return address, and (4) the
overflow direction in the stack (5) What locations within the stack are actually
overwritten with your target data to exploit a stack to cause the routine you want to
execute to be invoked?
You are not required to write the real exploit code, but you may want to use some
figures to make your description clear and concise.
2. Write a testing program that contains a heap buffer overflow vulnerability.
Show what the heap layout looks like and explain how to exploit it. In particular, please
include in your diagram: (1) each chunk of memory allocated by malloc(), (2) their
sizes in bytes, (3) metadata of heap as it gets overwritten, (4) the sizes of this metadata
in bytes, and (5) which metadata get overwritten and how the attacker controls which
value can get written to any arbitrary location in memory.
Address the data structure implemented in a heap memory. How are allocated and nonallocated
chunks structured? Is heap memory contiguous within memory architecture?
Again, you do not need to write and test the real exploit code, but you may want to use
some figures to make your description
clear and concise.
因为专业,所以值得信赖。如有需要,请加QQ:99515681 或邮箱:[email protected]
微信:codinghelp