Consider the following program with format string vulnerability fmt vuln c include include include int main ( int argc, char argv ) char text 1 0 2 4 static int targeted val 0 x 5 a 5 a 5 a 5 a if ( argc 2 ) printf ( Usage s , argv 0 ) exit ( 0 ) strcpy ( text , argv 1 ) printf ( text ) printf ( ) printf ( targeted val 0 x 0 8 x d 0 x 0 8 x , targeted val, targeted val, targeted val ) exit ( 0 ) We have the following six commands execution results $ fmt vuln AAAA 0 8 x 0 8 x 0 8 x 0 8 x AAAAff 9 9 d 2 b 5 f 7 c 0 5 6 3 4 ff 9 9 b 9 4 c 4 1 4 1 4 1 4 1 targeted val 0 x 0 8 0 4 c 0 2 8 1 5 1 5 8 7 0 8 1 0 0 x 5 a 5 a 5 a 5 a $ fmt vuln $ ( printf x 2 8 xc 0 x 0 4 x 0 8 ) 0 8 x 0 8 x 0 8 x s ( ff 9 6 8 2 b 7 f 7 c 0 5 6 3 4 ff 9 6 7 8 4 c ZZZZ targeted val 0 x 0 8 0 4 c 0 2 8 1 5 1 5 8 7 0 8 1 0 0 x 5 a 5 a 5 a 5 a $ fmt vuln $ ( printf x 2 8 xc 0 x 0 4 x 0 8 ) 0 8 x 0 8 x 0 8 x n ( ff 9 4 a 2 b 7 f 7 c 0 5 6 3 4 ff 9 4 9 bfc targeted val 0 x 0 8 0 4 c 0 2 8 3 1 0 x 0 0 0 0 0 0 1 f $ fmt vuln $ ( printf x 2 8 xc 0 x 0 4 x 0 8 ) x x x n ( ffa 6 c 2 c 0 f 7 c 0 5 6 3 4 ffa 6 a 0 0 c targeted val 0 x 0 8 0 4 c 0 2 8 2 8 0 x 0 0 0 0 0 0 1 c $ fmt vuln $ ( printf x 2 8 xc 0 x 0 4 x 0 8 ) x x 1 8 0 x n ( ffd 9 0 2 bdf 7 c 0 5 6 3 4 targeted val 0 x 0 8 0 4 c 0 2 8 2 0 0 0 x 0 0 0 0 0 0 c 8 $ fmt vuln $ ( printf x 2 8 xc 0 x 0 4 x 0 8 JUNK x 2 9 xc 0 x 0 4 x 0 8 JUNK x 2 a xc 0 x 0 4 x 0 8 JUNK x 2 b xc 0 x 0 4 x 0 8 ) x x 1 2 6 x n 1 7 x n 1 7 x n 1 7 x n ( JUNK ) JUNK JUNK ffb 7 d 2 9 3 f 7 c 0 5 6 3 4 ffb 7 aecc 4 b 4 e 5 5 4 a 4 b 4 e 5 5 4 a 4 b 4 e 5 5 4 a targeted val 0 x 0 8 0 4 c 0 2 8 5 7 3 7 8 5 1 7 4 0 xddccbbaa Which of the followings is are true Group of answer choices $ fmt vuln $ ( printf x 2 8 xc 0 x 0 4 x 0 8 ) 0 8 x 0 8 x 0 8 x n ( ff 9 4 a 2 b 7 f 7 c 0 5 6 3 4 ff 9 4 9 bfc targeted val 0 x 0 8 0 4 c 0 2 8 3 1 0 x 0 0 0 0 0 0 1 f writes 3 1 to address 0 x 0 8 0 4 c 0 2 8 Similarly, $ fmt vuln $ ( printf x 2 8 xc 0 x 0 4 x 0 8 ) 0 8 x 0 8 x 0 8 x n writes 3 4 to address 0 x 0 8 0 4 c 0 2 8 $ fmt vuln $ ( printf x 2 8 xc 0 x 0 4 x 0 8 ) 0 8 x 0 8 x 0 8 x n ( ff 9 4 a 2 b 7 f 7 c 0 5 6 3 4 ff 9 4 9 bfc targeted val 0 x 0 8 0 4 c 0 2 8 3 1 0 x 0 0 0 0 0 0 1 f writes 3 1 to address 0 x 0 8 0 4 c 0 2 8 Similarly, $ fmt vuln $ ( printf x 2 8 xc 0 x 0 4 x 0 8 ) 0 8 x 0 8 x 0 8 x n writes 3 2 to address 0 x 0 8 0 4 c 0 2 8 $ fmt vuln $ ( printf x 2 8 xc 0 x 0 4 x 0 8 ) x x 1 8 0 x n ( ffd 9 0 2 bdf 7 c 0 5 6 3 4 targeted val 0 x 0 8 0 4 c 0 2 8 2 0 0 0 x 0 0 0 0 0 0 c 8 writes 2 0 0 to address 0 x 0 8 0 4 c 0 2 8 Similarly, $ fmt vuln $ ( printf x 2 8 xc 0 x 0 4 x 0 8 ) x x 8 0 x n writes 1 0 0 to address 0 x 0 8 0 4 c 0 2 8 $ fmt vuln $ ( printf x 2 8 xc 0 x 0 4 x 0 8 ) 0 8 x 0 8 x 0 8 x n ( ff 9 4 a 2 b 7 f 7 c 0 5 6 3 4 ff 9 4 9 bfc targeted val 0 x 0 8 0 4 c 0 2 8 3 1 0 x 0 0 0 0 0 0 1 f writes 3 1 to address 0 x 0 8 0 4 c 0 2 8 Similarly, $ fmt vuln $ ( printf x 2 8 xc 0 x 0 4 x 0 8 ) 0 8 x 0 8 x 0 8 x n writes 3 6 to address 0 x 0 8 0 4 c 0 2 8

The Answer is in the image, click to view ...

Answered step by step

Verified Expert Solution

Link Copied!

Question

1 Approved Answer

Posted on Sep 26, 2024

Consider the following program with format string vulnerability: fmt _ vuln.c #include #include #include int main ( int argc, char * argv [ ] )

Consider the following program with format string vulnerability:

fmt

_

vuln.c

#include

int main

(

int argc, char

*

argv

[]) {

char text

[1024]

;

static int targeted

_

val

= 0

5

5

5

5

(

argc

< 2) {

printf

("

Usage:

%

",

argv

[0])

;

exit

(0)

;

}

strcpy

(

text

,

argv

[1])

;

printf

(

text

)

;

printf

("

")

;

printf

(" [*]

targeted

_

val @

0

% 08

= %

0

% 08

",

&targeted

_

val, targeted

_

val, targeted

_

val

)

;

exit

(0)

;

}

We have the following six commands execution results:

. /

fmt

_

vuln AAAA

% 08

. % 08

. % 08

. % 08

AAAAff

99

2

5 .

7

05634 .

99

94

. 41414141

[*]

targeted

_

val @

0

0804

028 = 1515870810 0

5

5

5

5

. /

fmt

_

vuln $

(

printf

" \

28 \

0 \

04 \

08 ") % 08

. % 08

. % 08

. %

(

9682

7 .

7

05634 .

96784

.

ZZZZ

[*]

targeted

_

val @

0

0804

028 = 1515870810 0

5

5

5

5

. /

fmt

_

vuln $

(

printf

" \

28 \

0 \

04 \

08 ") % 08

. % 08

. % 08

. %

(

94

2

7 .

7

05634 .

949

bfc

.

[*]

targeted

_

val @

0

0804

028 = 31 0

0000001

. /

fmt

_

vuln $

(

printf

" \

28 \

0 \

04 \

08 ") %

%

%

%

(

ffa

6

2

0

7

05634

ffa

6

00

[*]

targeted

_

val @

0

0804

028 = 28 0

0000001

. /

fmt

_

vuln $

(

printf

" \

28 \

0 \

04 \

08 ") %

%

% 180

%

(

ffd

902

bdf

7

05634

[*]

targeted

_

val @

0

0804

028 = 200 0

000000

8

. /

fmt

_

vuln $

(

printf

" \

28 \

0 \

04 \

08

JUNK

\

29 \

0 \

04 \

08

JUNK

\

2

\

0 \

04 \

08

JUNK

\

2

\

0 \

04 \

08 ") %

%

% 126

%

% 17

%

% 17

%

% 17

%

(

JUNK

)

JUNK

*

JUNK

+

ffb

7

293

7

05634

ffb

7

aecc

4

4

554

4

4

554

4

4

554

[*]

targeted

_

val @

0

0804

028 = - 573785174 0

xddccbbaa

Which of the followings is

/

are true?

Group of answer choices

. /

fmt

_

vuln $

(

printf

" \

28 \

0 \

04 \

08 ") % 08

. % 08

. % 08

. %

(

94

2

7 .

7

05634 .

949

bfc

.

[*]

targeted

_

val @

0

0804

028 = 31 0

0000001

writes

31

to address

0

0804

028 .

Similarly,

. /

fmt

_

vuln $

(

printf

" \

28 \

0 \

04 \

08 ") % 08

. . % 08

. . % 08

. . %

writes

34

to address

0

0804

028 .

. /

fmt

_

vuln $

(

printf

" \

28 \

0 \

04 \

08 ") % 08

. % 08

. % 08

. %

(

94

2

7 .

7

05634 .

949

bfc

.

[*]

targeted

_

val @

0

0804

028 = 31 0

0000001

writes

31

to address

0

0804

028 .

Similarly,

. /

fmt

_

vuln $

(

printf

" \

28 \

0 \

04 \

08 ") % 08

. . % 08

. . % 08

. . %

writes

32

to address

0

0804

028 .

. /

fmt

_

vuln $

(

printf

" \

28 \

0 \

04 \

08 ") %

%

% 180

%

(

ffd

902

bdf

7

05634

[*]

targeted

_

val @

0

0804

028 = 200 0

000000

8

writes

200

to address

0

0804

028 .

Similarly,

. /

fmt

_

vuln $

(

printf

" \

28 \

0 \

04 \

08 ") %

%

% 80

%

writes

100

to address

0

0804

028 .

. /

fmt

_

vuln $

(

printf

" \

28 \

0 \

04 \

08 ") % 08

. % 08

. % 08

. %

(

94

2

7 .

7

05634 .

949

bfc

.

[*]

targeted

_

val @

0

0804

028 = 31 0

0000001

writes

31

to address

0

0804

028 .

Similarly,

. /

fmt

_

vuln $

(

printf

" \

28 \

0 \

04 \

08 ") % 08

. . % 08

. . % 08

. . %

writes

36

to address

0

0804

028 .

Step by Step Solution

There are 3 Steps involved in it

Step: 1

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

Step: 3

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Programming The Perl DBI Database Programming With Perl

Authors: Tim Bunce, Alligator Descartes

1st Edition

1565926994, 978-1565926998

More Books

Students also viewed these Databases questions

Question

★★★★★

Fully depreciated equipment costing $60,000 was discarded, with no salvage value . What effect would this have on the statement of cash flows?

Answered: 1 week ago

Question

★★★★★

1. What pattern or organizational structure does this letter use?

Answered: 1 week ago

Question

★★★★★

3. What are potential solutions?

Answered: 1 week ago

Question

★★★★★

Lester purchased a used automobile from MacKintosh Motors. He asked the seller if the car had ever been in a wreck. The MacKintosh salesperson had never seen the car before that morning and knew...

Answered: 1 week ago

Question

★★★★★

Consider the following program with format string vulnerability: fmt _ vuln.c #include #include #include int main ( int argc, char * argv [ ] ) { char text [ 1 0 2 4 ] ; static int targeted _ val = 0...

Answered: 1 week ago

Question

★★★★★

The following adjusted trial balance contains the accounts and balances of Cruz Company as of December 31, 2017, the end of its fiscal year. No. Account Title Debit Credit 101 Cash 126 Supplies 128...

Answered: 1 week ago

Question

★★★★★

Windsor issued an 7%, 10-year $2,100,000 bond to build a monorail mass transit system. The city received $1,830,458 cash from the bond issuance on January 1, 2025. The bond yield is 9%. Interest is...

Answered: 1 week ago

Question

★★★★★

TO: Bill Bugnay MEMO#113FROM: M. Lasker December 1, 20XXPlease issue a cheque to Barrio Fiesta for a deposit for our Christmas Party for $4000. Record this as a Deposit. (CHQ 2113 2 answers

Answered: 1 week ago

Question

★★★★★

Given the damage to a nuclear power plant caused by an earthquake and tsunami and the real and potential danger of a radiation leak, recommend to the CEO of a utility company, Bruce Nuclear...

Answered: 1 week ago

Question

★★★★★

You are the senior marine engineer working for a ship and staff management company which manages the recruitment and staff development of ships officers. Your current customer operates a fleet of 10...

Answered: 1 week ago

Question

★★★★★

For this week's discussion, use the Internet or Company Dossier through Nexis Uni to research one publicly traded company in which you are interested. Review its most recent statement of cash flows....

Answered: 1 week ago

Question

★★★★★

What combination of Key Fields in a Salary Structure Table allows for storage of historical Pay Grade Data for multiple Occupation Group Pay Grade Structures?

Answered: 1 week ago

Question

★★★★★

Explain the function and purpose of the Job Level Table.

Answered: 1 week ago

Question

★★★★★

What are Compa-Ratios? Explain the difference between Internal and External (Market Based) Compa-Ratios.

Answered: 1 week ago

Previous Question Next Question