A server program takes an input from a remote user, saves the input in a buffer allocated on the stack (Region in Figure 6.9). The address of this buffer is then stored in the local variable fmt, which is used in the following statement in the server program: printf(fmt); When the above statement is executed, the current stack layout is depicted in Figure 6.9. If you are a malicious attacker, can you construct the input, so when the input is fed into the server program, you can get the server program to execute your code? Please write down the actual content of the input (you do not need to provide the exact content of the code; just put malicious code in your answer, but you need to put it in the correct location).

Return Address OxAABBCDA6 Data in this region are_ provided by use rs OxAABBCCDD -28 bytes fmt Figure 6.9: Stack Layout for Problem 6.5