Switch branches/tags
Nothing to show
Find file History
Cyber Grand Challenge Framework Team Cyber Grand Challenge Framework Team
Cyber Grand Challenge Framework Team and Cyber Grand Challenge Framework Team cfe-rc8 rc2
Latest commit 45411c8 Feb 1, 2017
Permalink
..
Failed to load latest commit information.
lib cfe-rc8 rc2 Feb 1, 2017
poller/for-testing cfe-rc8 rc2 Feb 1, 2017
pov cfe-rc8 rc2 Feb 1, 2017
src cfe-rc8 rc2 Feb 1, 2017
Makefile cfe-rc8 rc2 Feb 1, 2017
README.md cfe-rc8 rc2 Feb 1, 2017

README.md

Palindrome

Author Information

CGC Summer Intern 2014 Cadet from West Point Military Academy

DARPA performer group

CADET

Description:

This is an unusually simple service written by a military cadet as his first ever C program. It is intended as a data point as an incredibly simple service, with an incredibly simple vulnerability, written by an inexperienced programmer.

The underlying service itself is a palindrome detector.

Vulnerability

CWE-121: Stack-based Buffer Overflow

The palindrome vulnerability is a vanilla buffer overflow on the stack. The program allocates 64 bytes of stack space for network input and reads up to 128 bytes at a time.

Challenges

The only intended challenge posed by this service is that it was written by an inexperienced C programmer and consequently it may look different than other test cases.