computer science

CPIS 605 – Software Security

ASSIGNMENT 1

Objective: Understand the stack smashing buffer exploit thoroughly.

1. From the paper “Smashing the stack for fun and profit” by Alephone do the following (10%)

a. Download the article by Aleph One (see References). You will be extracting the source code of exploit3.c and exploit4.c files from it.

b. Improve the code of exploit3.c and exploit4.c so that there are no warning messages from gcc even after using the flags as in gcc -ansi -pedantic -Wall.

c. Reduce the size of their compiled binaries by at least 5% as seen by the size command when exactly the same flags are used in the compilation. Make sure no functionality is lost. Do not just remove printf’s. Do not use gcc optimization flags.

d. Login as a non-root user. Verify that the exploit still works on the vulnerable program. (It may not!)

e. Turn in a report but also with answers to the questions below, and thoroughly describing your changes, and how you verified that there was no loss of functionality. Include properly indented versions of your exploit[34].c files. Use indent -kr.

f. Answer the question: What is the “environment”?

g. Answer the question: Why does exploit3.c run system(“/bin/bash”) at the end

of main()?

2. Search the web and report on at least four recent (within last five years) buffer overflow attacks or SQL injection. Explain the attacks in two to three pages using your own words. (10%)

Submission:

Each student shall submit one file(docx, pdf) with two parts. The first part contains the source code and

full-screen shots showing the date and time for all buffer overflow examples and exploits. Then answer all questions in 1

At the seconds part write your report for question 2.