Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

7. The following function is called in a privileged program. The argument str points to a string that is entirely provided by users (the size

7. The following function is called in a privileged program. The argument str points to a string that is entirely provided by users (the size of the string is up to 300 bytes). When this function is invoked, the address of the buffer array is 0xAABB0010, while the return address is stored in 0xAABB0050. You need to construct the attack string that you would feed into the program, so when this string is copied to buffer and when the bof() function returns, the privileged program will run your code. Which position in your string (with respect to the beginning of your string), you will put the new return address which will be used to overwrite the return address of the bof() function? What is the value of the new return address (you just need to provide one possible value assuming the whole attack string is pre-filled with 300 NOPs)? int bof(char *str) { char buffer[24]; strcpy(buffer,str); return 1;}

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Enterprise Information Systems A Pattern Based Approach

Authors: Cheryl Dunn, J. Owen Cherrington, Anita Hollander

3rd Edition

0072404299, 978-0072404296

More Books

Students also viewed these Accounting questions

Question

5. What are the other economic side effects of accidents?

Answered: 1 week ago