By using the vul_program below please do the following tasks. This is a SEEDLab C language assignment that I am having trouble with.

Complete this in a SEED VM environment.

The vulnerable program you are going to exploit is here: vul_prog.c (below)

You can compile this program for the lab as 32-bit, without stack protections and randomization to make things a bit easier.s

/* vul_prog.c */

#include #include

#define SECRET1 0x44 #define SECRET2 0x55

int main(int argc, char *argv[]) { char user_input[50]; int *secret; int int_input; int a, b; /* other variables, not used here.*/ /* The secret value is stored on the heap */ secret = (int *) malloc(2*sizeof(int)); /* getting the secret */ secret[0] = SECRET1; secret[1] = SECRET2; printf("The variable secret's address is 0x%8x (on stack) ", (unsigned int)&secret); printf("The variable secret's value is 0x%8x (on heap) ", (unsigned int)secret); printf("secret[0]'s address is 0x%8x (on heap) ", (unsigned int)&secret[0]); printf("secret[1]'s address is 0x%8x (on heap) ", (unsigned int)&secret[1]); printf("Please enter a decimal integer "); scanf("%d", &int_input); /* getting an input from user */ printf("Please enter a string "); scanf("%s", user_input); /* getting a string from user */ /* Vulnerable place */ printf(user_input); printf(" "); /* Verify whether your attack is successful */ printf("The original secrets: 0x%x -- 0x%x ", SECRET1, SECRET2); printf("The new secrets: 0x%x -- 0x%x ", secret[0], secret[1]); return 0; }

I would like the screenshot of the exploit not just the commands.

Tasks:

1. Crash the program. You should find the format string vulnerability in the program and develop an input string to crash the program.

What exploit string did you use?

Include a screen shot of your successful crash.

2. Print out the secret[1] value. You should develop a format string exploit that prints out this value.

What exploit string did you use?

Include a screen shot of your successful exploit.

3. Modify the secret[1] value. Now change your exploit from above to modify this value. You can modify it to any value you select.

What exploit string did you use?

Include a screen shot of your successful exploit.

4. Modify the secret[1] value to a pre-determined value. Now modify your exploit to change the value of secret[1] to 0x500

What exploit string did you use?

Include a screen shot of your successful exploit.

Again, I would like the screenshots of the successful exploit output not just the code

Thank you and have a amazing day.