With a least squares fit we look for a line of the form


on of the program is as follows:

    unix> ./bufbomb
    Type Hex string: 30 31 32 33
    getbuf returned 0x1

Looking at the code for the getbuf function, it seems quite apparent that it will return value 1 whenever it is called. It appears as if the call to getxs has no effect. Your task is to make getbuf return 0xdeadbeef to test, simply by typing an appropriate hexadecimal string to the prompt.

Here are some ideas that will help you solve the problem:

- Use OBJDUMP to create a disassembled version of bufbomb. Study this closely to determine how the stack frame for getbuf is organized and how overflowing the buffer will alter the saved program state.
- Run your program under GDB. Set a breakpoint within getbuf and run to this breakpoint. Determine such parameters as the value of %ebp and the saved value of any state that will be overwritten when you overflow the buffer.
- Determining the byte encoding of instruction sequences by hand is tedious and prone to errors. You can let tools do all of the work by writing an assembly code file containing the instructions and data you want to put on th...

This note was uploaded on 09/02/2010 for the course ELECTRICAL 360 taught by Professor Schultz during the Spring '10 term at BYU.
