Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

Given the C program ret2libc : int vuln(char* input) { char buff[100]; strcpy(buff, input); return 0; } int main(int argc, char *argv[]) { if(argc <

Given the C program ret2libc :

int vuln(char* input) {

char buff[100];

strcpy(buff, input);

return 0;

}

int main(int argc, char *argv[])

{

if(argc < 2)

{

printf("Syntax: %s ", argv[0]);

exit (0);

}

vuln(argv[1]);

return 0;

}

We want to exploit the program ret2libc that is vulnerable to a stack-based buffer overflow.

For each of the two tasks, write and submit a commented script that writes your exploit to stdout, such that the output can be used as the argument for the target program.

i) Spawn a shell via a return-to-libc attack: Exploit the vulnerability in the binary to call the function system() in libc with parameter /bin/sh.

ii) With system() we can not only execute /bin/sh but arbitrary commands. To demonstrate this, write an exploit that creates the file owned in the folder s3cr3t. To do so, run the command touch s3cr3t/owned. Remember that you can inject strings into the process by setting environment variables prior to the execution.

Ensure that your exploit terminates without causing a segmentation fault by calling exit() after system().

suppose the address of :

function system() : 0xf7e18360

function exit(): 0xf7e0aec0

/bin/sh : 0xf7f62363

Please write a well commented script that is tested very well .

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image_2

Step: 3

blur-text-image_3

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Practical Neo4j

Authors: Gregory Jordan

1st Edition

1484200225, 9781484200223

More Books

Students also viewed these Databases questions

Question

1. Prepare a flowchart of Dr. Mahalees service encounters.

Answered: 1 week ago