![]() In the following instructions, we will assume that you have copied the files to a protected local directory, and that you are executing the programs in that local directory. Hex2raw: A utility to generate attack strings. README.txt: A file describing the contents of the directory ctarget: An executable program vulnerable to code-injection attacks rtarget: An executable program vulnerable to return-oriented-programming attacks cookie.txt: An 8-digit hex code that you will use as a unique identifier in your attacks.įarm.c: The source code of your target’s “gadget farm,” which you will use in generating return-oriented programming attacks. ![]() This will manifest as ’permission denied’ errors, and can be fixed by marking the relevant executable files as executable with: chmod +x ![]() Warning: If you expand your target k.tar on a PC, by using a utility such as Winzip, or letting your browser do the extraction, you’ll risk resetting permission bits on the executable files. If for some reason you download multiple targets, choose one target to work on and delete the rest. You should only download one set of files. This will extract a directory target k containing the files described below. Then give the command: tar -xvf target k.tar. Save the target k.tar file in a (protected) Linux directory in which you plan to do your work. ![]() Note: It takes a few seconds to build and download your target, so please be patient. The server will build your files and return them to your browser in a tar file called target k.tar, where k is the unique number of your target programs. You can obtain your files by pointing your Web browser at: You are encouraged to work together to help you solve the labs, but each student is responsible for understanding her/his own solution, and demonstrating that understanding in a grading interview. 2 LogisticsĮach student will generate attacks for target programs that are custom-generated for them. You will want to study Sections 3.10.3 and 3.10.4 of the CS:APP3e book as reference material for this lab. We do not condone the use of any other form of attack to gain unauthorized access to any system resources. Our purpose is to help you learn about the runtime operation of programs and to understand the nature of these security weaknesses so that you can avoid them when you write system code. Note: In this lab, you will gain firsthand experience with methods used to exploit security weaknesses in operating systems and network servers. You will gain more experience with debugging tools such as GDB and OBJDUMP.You will gain a deeper understanding of how x86-64 instructions are encoded.You will gain a deeper understanding of the stack and parameter-passing mechanisms of x86-64 machine code.Through this, you will get a better understanding of how to write programs that are more secure, as well as some of the features provided by compilers and operating systems to make programs less vulnerable.You will learn different ways that attackers can exploit security vulnerabilities when programs do not safeguard themselves well enough against buffer overflows.Outcomes you will gain from this lab include: This assignment involves generating a total of five attacks on two programs having different security vulnerabilities.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |