Several Tips on Project 1


1 Several Tips on Project 1
- Be sure to use the Makefile to generate the executables of both the exploit program and the target program.
- Be sure to use “setarch i686 -R” in front of every execution, including both gdb and ./exploit.
- You can use “x/b address” under gdb to see the byte content saved at the specified address. This is helpful for determining whether memory is big-endian or little-endian (how to overwrite the return address).
- You can use “break foo” to set a breakpoint upon entering the foo() function.
- Fill the shell executable code (in the string array shellcode[ ]) byte-by-byte into the buffer for your modified return address to execute.
- The deadline will not be changed, but penalty for one week late submission is now 10% off.

2 NOPs
Most CPUs have a No-Operation instruction – it does nothing but advance the instruction pointer. Usually we can put a bunch of these ahead of our program (in the string). As long as the new return-address points to a NOP we are OK.

3 Using NOPs
[Figure: buffer layout with the labels "new return address", "Real program (exec /bin/ls or whatever)" and "nop instructions"; the nop region is annotated "Can point anywhere in here".]

4 Estimating the stack size
We can also guess at the location of the return address relative to the overflowed buffer. Put in a bunch of new return addresses!

5 Estimating the Location
[Figure: buffer layout with the label "new return address" repeated six times, followed by the labels "Real program" and "nop instructions".]
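As an added example (not from the original slides), here is a defender-side check in C for the input layout slides 2 to 5 describe: a long run of x86 NOP bytes together with one 4-byte value repeated back to back. The function names, the thresholds and the inert sample buffer (filler bytes and the placeholder value 0xdeadbeef, stored little-endian) are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define X86_NOP 0x90u   /* one-byte NOP on i686, the target the slides use */

/* Longest run of consecutive NOP bytes in buf. */
size_t longest_nop_run(const unsigned char *buf, size_t len) {
    size_t best = 0, cur = 0;
    for (size_t i = 0; i < len; i++) {
        cur = (buf[i] == X86_NOP) ? cur + 1 : 0;
        if (cur > best) best = cur;
    }
    return best;
}

/* Most back-to-back copies of one 4-byte word, at any byte alignment.
   Words whose four bytes are all equal (NOP or zero padding) are skipped. */
size_t longest_word_repeat(const unsigned char *buf, size_t len) {
    size_t best = 0, run = 0;   /* run = bytes equal to the byte 4 back */
    for (size_t i = 4; i < len; i++) {
        int uniform = buf[i] == buf[i-1] && buf[i] == buf[i-2] && buf[i] == buf[i-3];
        run = (buf[i] == buf[i - 4] && !uniform) ? run + 1 : 0;
        if (run && (run + 4) / 4 > best) best = (run + 4) / 4;
    }
    return best;
}

/* Heuristic verdict; both thresholds are chosen by the caller (assumed values). */
int looks_like_sled_input(const unsigned char *buf, size_t len,
                          size_t min_nops, size_t min_repeats) {
    return longest_nop_run(buf, len) >= min_nops &&
           longest_word_repeat(buf, len) >= min_repeats;
}

/* Constructed, inert sample: 32 NOPs, 16 filler bytes where code would sit,
   then the placeholder value 0xdeadbeef stored little-endian six times. */
size_t build_sample(unsigned char *out) {
    static const unsigned char word[4] = { 0xef, 0xbe, 0xad, 0xde };
    memset(out, X86_NOP, 32);
    memset(out + 32, 0xcc, 16);
    for (int i = 0; i < 6; i++) memcpy(out + 48 + 4 * i, word, 4);
    return 72;
}

int main(void) {
    unsigned char buf[72]; size_t n = build_sample(buf);
    printf("nops=%zu repeats=%zu flagged=%d\n", longest_nop_run(buf, n),
           longest_word_repeat(buf, n), looks_like_sled_input(buf, n, 16, 4));
    return 0;
}
```

The byte order of the placeholder word in the sample is the same thing “x/b address” shows in gdb on a little-endian machine: the least significant byte sits at the lowest address.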

