缓冲区溢出实验明.docVIP

Introduction This assignment helps you develop a detailed understanding of the calling stack organization on an IA32 processor. It involves applying a series of buffer overflow attacks on an executable file bufbomb in the lab directory. Note: In this lab, you will gain firsthand experience with one of the methods commonly used to exploit security weaknesses in operating systems and network servers. Our purpose is to help you learn about the runtime operation of programs and to understand the nature of this form of security weakness so that you can avoid it when you write system code. We do not condone the use of these or any other form of attack to gain unauthorized access to any system resources. There are criminal statutes governing such activities. Login the Server Everyone has an account on our Server, the address is 10.13.75.177, and username is stu+ your student number (ex:stu0472001), the default password is csapp2007. You can get the access with putty. Start by copying buflab-handout.tar to a (protected) directory in which you plan to do your work. Then give the command “tar xvf buflab-handout.tar”. This will cause a number of files to be unpacked in the directory: MAKECOOKIE: Generates a “cookie” based on your name. BUFBOMB: The code you will attack. SENDSTRING: A utility to help convert between string formats. All of these programs are compiled to run on Linux machines. In the following instructions, we will assume that you have copied the three programs to a protected local directory, and that you are executing them in that local directory. Get your cookie A cookie is a string of eight hexadecimal digits that is (with high probability) unique to your name. You can generate your cookie with the makecookie program giving your name as the argument. For example: unix ./makecookie bovik 0x78327b66 The BUFBOMB Program The BUFBOMB program reads a string from standard input with a function getbuf having the following C code: 1 int getbuf() 2 { 3 char buf[12];