L18: Buffer exploits/lab

Materials

After finishing the last section of slides from L17, we will begin our in-class buffer exploits lab. You will compile a simple program that contains a buffer overflow, produce inputs for this program using a Python script, learn to debug the program in order to inspect the layout of the stack and the location of the saved return address, and finally construct an input that overwrites that return address with a value of your choosing.

Questions

  • Understanding /proc/pid/maps
  • Seeing the result of ASLR
  • What does sudo sysctl -w kernel.randomize_va_space=0 do?
  • Understanding how to compile p1 using gcc
  • What does -z execstack on the gcc command line do?
  • Understanding how to use programs like objdump
  • This is what we use to compile: gcc -fno-stack-protector -z execstack /home/abhi/programs/p1.c -o p1
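The first three questions above (reading /proc/pid/maps, observing ASLR, and the effect of kernel.randomize_va_space) are easiest to answer by looking at the maps file of the running p1 binary twice. The script below is an added example for this lab and is not part of the course materials: it parses /proc/pid/maps lines, flags any mapping that is both writable and executable (which is what -z execstack produces for the stack), reports where the stack starts, and tells you whether the stack moved between two runs. The two maps listings embedded in it are constructed to look like a non-PIE build of p1 with ASLR off and on; the addresses, device numbers and inodes are made up, and only the path /home/abhi/programs/p1 comes from the lab.

```python
"""Parse /proc/<pid>/maps and check for an executable stack and for ASLR.

Added example for the buffer-exploits lab, not course code.
The MAPS_* listings below are constructed sample data, not captured output.
"""
import re
from dataclasses import dataclass
from typing import List, Optional

# One maps line: start-end perms offset dev inode [pathname]
MAPS_LINE = re.compile(
    r"^(?P<start>[0-9a-f]+)-(?P<end>[0-9a-f]+)\s+"
    r"(?P<perms>[rwxps-]{4})\s+"
    r"(?P<offset>[0-9a-f]+)\s+"
    r"(?P<dev>[0-9a-f]+:[0-9a-f]+)\s+"
    r"(?P<inode>\d+)\s*"
    r"(?P<path>.*)$"
)


@dataclass
class Mapping:
    start: int
    end: int
    perms: str   # e.g. "rwxp": read, write, execute, private
    offset: int
    path: str    # file path, "[stack]", "[heap]", or "" for anonymous

    @property
    def size(self) -> int:
        return self.end - self.start

    @property
    def writable_and_executable(self) -> bool:
        # W+X mappings are what a non-executable-stack policy would forbid.
        return "w" in self.perms and "x" in self.perms


def parse_maps(text: str) -> List[Mapping]:
    """Turn the text of /proc/<pid>/maps into Mapping objects."""
    mappings = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = MAPS_LINE.match(line)
        if m is None:
            raise ValueError(f"unrecognised maps line: {line!r}")
        mappings.append(Mapping(
            start=int(m["start"], 16),
            end=int(m["end"], 16),
            perms=m["perms"],
            offset=int(m["offset"], 16),
            path=m["path"].strip(),
        ))
    return mappings


def find_rwx(mappings: List[Mapping]) -> List[Mapping]:
    """Mappings that are both writable and executable (e.g. an execstack stack)."""
    return [mp for mp in mappings if mp.writable_and_executable]


def stack_base(mappings: List[Mapping]) -> Optional[int]:
    """Start address of the [stack] mapping, or None if absent."""
    for mp in mappings:
        if mp.path == "[stack]":
            return mp.start
    return None


def aslr_appears_active(maps_run1: str, maps_run2: str) -> bool:
    """True if the stack landed at a different address in two runs of one binary."""
    a = stack_base(parse_maps(maps_run1))
    b = stack_base(parse_maps(maps_run2))
    return a is not None and b is not None and a != b


def describe_randomize_va_space(value: int) -> str:
    """Meaning of the three kernel.randomize_va_space settings."""
    return {
        0: "no randomization: stack, mmap base and heap at fixed addresses",
        1: "conservative: stack, mmap base and VDSO randomized; heap (brk) fixed",
        2: "full: as 1, plus the heap (brk) base is randomized",
    }[value]


# Constructed sample: execstack build of p1, ASLR off (randomize_va_space=0).
MAPS_NO_ASLR = """\
00400000-00401000 r-xp 00000000 08:01 1234 /home/abhi/programs/p1
00600000-00601000 rw-p 00000000 08:01 1234 /home/abhi/programs/p1
7ffff7dd0000-7ffff7df5000 r-xp 00000000 08:01 5678 /lib/x86_64-linux-gnu/ld-2.27.so
7ffffffde000-7ffffffff000 rwxp 00000000 00:00 0 [stack]
"""

# Constructed sample: same binary, a second run with ASLR on (stack moved).
MAPS_ASLR = """\
00400000-00401000 r-xp 00000000 08:01 1234 /home/abhi/programs/p1
00600000-00601000 rw-p 00000000 08:01 1234 /home/abhi/programs/p1
7f3c2a1d0000-7f3c2a1f5000 r-xp 00000000 08:01 5678 /lib/x86_64-linux-gnu/ld-2.27.so
7ffc1a2b3000-7ffc1a2d4000 rwxp 00000000 00:00 0 [stack]
"""

if __name__ == "__main__":
    maps = parse_maps(MAPS_NO_ASLR)
    for mp in find_rwx(maps):
        print(f"W+X mapping: {mp.start:#x}-{mp.end:#x} {mp.perms} {mp.path}")
    print(f"stack base: {stack_base(maps):#x}")
    print("ASLR active across runs:", aslr_appears_active(MAPS_NO_ASLR, MAPS_ASLR))
    print(describe_randomize_va_space(0))
```

To use it on the real program, replace the constructed listings with the contents of /proc/$(pidof p1)/maps captured from two separate runs of p1 (for example while it is stopped in the debugger); with randomize_va_space=0 the [stack] line should be identical in both captures.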