Answered step by step
Verified Expert Solution
Question
1 Approved Answer
I am reviewing for my exams next week, I have come across a past question. void func(char * arg) { char buf[32]; strcpy(buf, arg); }
I am reviewing for my exams next week, I have come across a past question.
void func(char * arg) { char buf[32]; strcpy(buf, arg); }
Suppose;
- No defenses at all
- buf begins at 0xbffebfb0
- (gdb) x/2wx $ebp 0xbffebfd8: 0xbffec068 0x08048fe1
a) you want to run a payload that is 24 bytes long, what bytes should be copied into the buffer for an exploit? (I would want to fill in '\x90' for the 24 bytes)
b) If ASLR is enabled, which offsets the stack by 0-15 bytes each time it runs, what payload (describe in python print statement) will always get the shellcode above to execute? or why is such a payload impossible?
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started