logo

Buffer Overflow Assignment

3 Pages1287 Words185 Views
   

Added on  2020-05-03

Buffer Overflow Assignment

   Added on 2020-05-03

ShareRelated Documents
1. LOW LEVEL EXPLOITS1. Set the characters gold or health to a number greater than 9000 by utilizing a buffer overflow. How did you achieve this? Explain using reference to bytes and ASCII as to what the exact value was that you achieved. [4 marks]By using python to create an executable exploit file called “overf” which contains the following:#! usrbin/pythonprint “G” * 1000The above executable script will print a thousand “G” characters, then I created another file called “e1” to be written by piping output from “overf” to “e1” using the following command./overf > e1 so on doing a line feed command ls -l el the total number of characters are 1001 which consist of 1000 “G” characters plus one line.So to create a buffer overflow in the a.out, output from the python exploit file is pipe to the input field for the name by executing the following command:./b1 | ./a.out this will output a segmentation fault message from the terminal. Gold value will beGold: 1094795585 while Hp will be Hp: 302. How could this exploit be prevented? [2 marks]Developers should avoid standard library functions that are not bounds checked such as gets, scanf, strcpy file_open.Use of stackguard compile extensions which detects and thwart buffer flows. By using fstact-protecter this will head off stack overflow attacks quickly. Developers also need to consider secure development practices which include thorough testing to detect and fix buffer overflows.3. Could this exploit be useful for more than just the game? Could it be used to gain access to a system? If not, why not? If so, where might it be used? [4 marks]Yes, buffer overflow is harmful to any vulnerable application whether for a small business or an enterprise business. Large system such as those which control the power grid can be attack by this vulnerability which may cause hazardous damage to the public or environment. If the running vulnerable system has privileges such as read, write and modify an attacker can gain to root shell through shellcode there a malicious attacker can perform various malicious task such as deleting files, accessing unclassified information etc. Buffer overflow can be used to attack power grid stations, car manufacturing companies, hospital and nuclear power stations.2. GENERAL QUESTIONS1.1 Why is it necessary for us to provide the flag -fno-stack-protector to GCC? What is a canary in terms of a buffer overflow and how can a canary prevent a buffer overflow exploit? [4 marks]When a program is compiled with fno-stack-protector, it disabled modern protections against stack overflow by allowing stack to be overwritten while in the functions. It expose the stack layout to a smash.A canary is a defense mechanism use to protect stack against buffer overflow. It store a dynamically calculated value when the function begin to execute on the stack before returning the address. When the function is ready to return the address the stack canary will be popped off the stack recomputed and compared to stored stack canary. The return address is checked against the stored stack value. If both the return stack canary and stored stack value are not the same then it hasbeen tampered therefore application will exit with an error code of smashed.
Buffer Overflow Assignment_1

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Understanding Buffer Overflow: Stack and Heap Buffer Overflows, Exploiting Buffer Overflow, JOP and ROP
|11
|1080
|283