Bu er Over ow
The following questions refer to stackoverflow.c as the 'code'. Please be as detailed in your responses as possible, and Justify all answers. The source code may NOT be modi ed.
The Make le included has targets to turn o ASLR to make things easier. If you can do both questions with ASLR on then there will be a little bit of extra credit :) !! See Make le for usage
Find and identify the line(s) of code that are vulnerable to a bu er over ow. Solution:
Exploit the vulnerability to have the program execute the secret function, that can be found in the source code.
Submit script below, and a brief explanation of how this exploits to execute code in secret.
Hint: You need to gure out the virtual address of the function. There are many tools that can nd this such as GDB or Radare2.
Solution:
Now that you have exploited the program and are given the following shell code, exploit the same program to execute the shell code.
Shell code:
\x31\xc0\x50\x68
\x2f\x2f\x73\x68
\x68\x2f\x62\x69
\x6e\x89\xe3\x50
\x53\x89\xe1\xb0
\x0b\xcd\x80
Solution:
