Format String Vulnerability Lab2.1 Task 1: Exploit the vulnerabilityList the vulnerable programTask Description: To display the vulnerable program vuln_prog.c.Crash the programTask Description: Exploit the security hole to make the program crash! Passing multiple %scauses the program to read non-existent memory locations.Find the location of the integer on stackTask Description: To find the address of decimal integer on stack, we enter a known integer, e.g.123 (0x7b) for the decimal integer. Next, we input arbitrary number of comma-separated %x inthe string prompt to pinpoint the location of decimal integer (i.e. 0x7b) on the stack. We discoverthat 0x7b appears as the 9th integer on the stack.Print out the secret valueTask Description: To read the secret value, we will use the decimal integer as a pointerfor indirect access. By writing the address of secret into the integer, we can make %sformat string read the content of the memory pointed to by the decimal integer. Since we havealready discovered that the integer appears as the 9th integral element on the stack, we provide astring of 8 %x just to forward the character 4 bytes every time, followed by a %s to read thecontent as input.Modify the secret valueTask Description: To modify the value of secret, we replace the occurrence of %s by %n.It will make printf() write the number of bytes printed on screen to the memory locationpointed to by ...
To Order an Original Plagiarism Free Paper on the Same Topic Click Here
Other samples, services and questions:
When you use PaperHelp, you save one valuable — TIME
You can spend it for more important things than paper writing.