The learning objective of this lab is for you to gain first-hand experience with the buffer-overflow vulnerability. A buffer overflow occurs when a program writes data beyond the boundaries of a pre-allocated, fixed-length buffer. This vulnerability can be exploited by a malicious user to alter the control flow of the program and execute arbitrary code.
This vulnerability arises due to the mixing of the storage for data and the storage for controls (i.e. return addresses) in the stack. An overflow in the data part (i.e. due to user input) can change a return address and alter the control flow of the program.
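To make the data/control mixing concrete, here is an added example (not the lab's target program, whose source is in the PDF) showing the unchecked copy pattern that creates the overflow next to a bounded version that refuses oversized input; the buffer size and inputs are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

#define BUF_SIZE 24   /* constructed: a small fixed-length stack buffer */

/* The pattern behind the vulnerability: input is copied into a fixed-length
 * stack buffer with no length check. Input longer than BUF_SIZE - 1 bytes
 * writes past the buffer into the adjacent stack slots, where saved
 * registers and the return address live. Calling this with oversized input
 * is undefined behaviour; it is shown only to contrast with the fixed form. */
void vulnerable_copy(const char *input)
{
    char buf[BUF_SIZE];
    strcpy(buf, input);            /* unbounded copy: the overflow happens here */
    printf("copied %zu bytes\n", strlen(buf));
}

/* Hardened version: compare the input length with the buffer capacity
 * before copying and reject (rather than silently truncate) input that
 * does not fit. Returns 0 on success, -1 if the input is too long. */
int bounded_copy(char *dst, size_t cap, const char *input)
{
    size_t n = strlen(input);
    if (cap == 0 || n >= cap)      /* must leave room for the terminating NUL */
        return -1;
    memcpy(dst, input, n + 1);
    return 0;
}

/* Wrapper that owns the stack buffer so the check is observable from a
 * caller: returns 0 if the input fit, -1 if it was rejected. */
int try_copy(const char *input)
{
    char buf[BUF_SIZE];
    return bounded_copy(buf, sizeof buf, input);
}

int main(void)
{
    const char *short_in = "hello";                                  /* constructed */
    const char *long_in  = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; /* 40 bytes */
    printf("short: %d\n", try_copy(short_in));   /* 0  */
    printf("long:  %d\n", try_copy(long_in));    /* -1 */
    vulnerable_copy(short_in);                   /* safe only because it fits */
    return 0;
}
```

Compiling the unchecked version with a stack protector (e.g. GCC's `-fstack-protector`) detects the overwrite at function return but does not prevent the write itself; the length check is the actual fix.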
In this lab, you will be given a program with a buffer-overflow vulnerability; your task is to develop an exploit string that overflows the buffer and launches a shell. By making the vulnerable program setuid, you'll gain a shell with root privileges. As we discussed in class, there are several challenges to developing the exploit string:
- what exploit code to use
- where to put the exploit code in the exploit string
- where to put the address of the exploit code in the string
- how to determine the address of the exploit code on the stack when the exploit string is read

This lab will help you understand these challenges.
In addition to the attacks, we'll discuss protection schemes to prevent buffer overflow attacks and, in some cases, ways to bypass protections.
Please read Buffer_Overflow.pdf for more instructions.