ECE4112 Internetwork Security
Lab 6: Buffer Overflows

Date Issued: October 2, 2007
Due Date: October 16, 2007 (Yes October 16)
Last Edited: November 6, 2007

Lab Goal

This lab will introduce you to the memory stack used in computer processes and demonstrate how to overflow memory buffers in order to exploit application security flaws. You will then execute several buffer overflow attacks against your Linux and Windows XP machines in order to gain root or administrative access using application vulnerabilities.

Pre-Lab

The following readings are a must to understand this lab and complete it in a timely manner.

1. Carefully read the entire article Smashing the Stack for fun and profit by Aleph One (Appendix A). It is essential that you have a thorough understanding of this article before you attempt these attacks, and although the author’s computer system differs from ours, it will be useful as a reference during the lab.

   Note: Correction to the Aleph One paper – For example3.c (the 9th page of Smashing the Stack), Aleph One says, “We can see that when calling function() the RET will be 0x8004a8. The next instruction we want to execute is the one at 0x8004b2. A little math tells us the distance is 8 bytes.” The number should be 10 bytes instead of 8 bytes.

2. Read the article Secure programmer: Countering buffer overflows. Preventing today's top vulnerability, by David Wheeler ([email protected]), Research Staff Member, Institute for Defense Analyses, 27 Jan 2004, at: http://www-128.ibm.com/developerworks/linux/library/l-sp4.html and answer the question:

   PLQ1: According to the article, what are the common problems with C/C++ which allow buffer overflows?

3. For this prelab section, you will need to use a computer which has internet access and a Java-enabled browser.
   a. Go to the website: http://nsfsecurity.pr.erau.edu/bom/
   b. Scroll down to the middle of the page.
   c. We will be using the online demos of buffer overflow.
   d. Read the section on “How to use the Demo applets” before beginning.
   e. Complete the first 4 demos below (7 total), in the order listed. Be sure to use the “step” feature and always read the helpful text in the lower left. The read-only areas in memory 1 (top-right) have been color coded with the C functions. You will see that the stack is also color coded as it starts growing (lower right) – be sure you understand the stack manipulation before and after function calls.

   Note: When asked for input, type in a long string and watch it erase data in the stack memory.

Background

Although computer programs are frequently written in English-based user-friendly languages such as C, they must be compiled to an assembly language built for the machine on which they will be executed. The assembly language has far fewer commands than C, and these commands vary much less in structure and are less obvious semantically. Commands are stored in memory so that each is referenced by its location in memory rather than its line number in the code. Commands are executed ...
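The effect the applet demos show, where a long input string erases data in stack memory, can be reproduced in a small model. This is an added example, not part of the lab handout; the frame layout (an 8-byte buffer directly below the saved return address), the function names and the sample input are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of one stack frame: an 8-byte local buffer with the
   saved return address directly above it (layout is an assumption). */
struct frame {
    char buf[8];
    unsigned char saved_ret[8];
};

static const unsigned char RET_OK[8] = {0x10, 0x20, 0x30, 0x40, 0, 0, 0, 0};

static void frame_init(struct frame *f) {
    memset(f->buf, 0, sizeof f->buf);
    memcpy(f->saved_ret, RET_OK, sizeof RET_OK);
}

/* Unchecked copy, like strcpy(): writes the whole input starting at buf.
   The model clamps at the end of the frame so the demo itself stays defined. */
static void copy_unchecked(struct frame *f, const char *in) {
    unsigned char *base = (unsigned char *)f;
    size_t n = strlen(in) + 1;
    if (n > sizeof *f) n = sizeof *f;
    memcpy(base + offsetof(struct frame, buf), in, n);
}

/* Bounded copy: rejects input that does not fit and leaves the frame untouched. */
static int copy_checked(struct frame *f, const char *in) {
    size_t n = strlen(in) + 1;
    if (n > sizeof f->buf) return -1;
    memcpy(f->buf, in, n);
    return 0;
}

/* Returns 1 while the modelled return address still holds its original value. */
static int ret_intact(const struct frame *f) {
    return memcmp(f->saved_ret, RET_OK, sizeof RET_OK) == 0;
}

int main(void) {
    struct frame f;
    const char *long_in = "AAAAAAAAAAAA";  /* constructed 12-character input */
    frame_init(&f); copy_unchecked(&f, long_in);
    printf("unchecked: return address intact = %d\n", ret_intact(&f));
    frame_init(&f);
    printf("checked: rc = %d, intact = %d\n", copy_checked(&f, long_in), ret_intact(&f));
    return 0;
}
```

The length check in copy_checked is the kind of bounds test whose absence the Wheeler article in the pre-lab reading is about.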
This note was uploaded on 12/05/2009 for the course IT IS taught by Professor Arther during the Three '09 term at Queensland Tech.