2 Part question: PART 1: You are writing buffer overflow attack. The target of y

Question

2 Part question:

PART 1: You are writing buffer overflow attack. The target of your attack is a procedure named victim, which receives a packet from the network and stores it in a buffer that is allocated on the stack.Your goal is to force victim to call this function:

int osCommand (int arg1, int arg2, int arg3)
{
    ...
}

You want victim to call osCommand with the following arguments:

osCommand(0xCAFEBEEF, 3, 1024);

You know that osCommand will be at address 0x401050 in memory, the value of esp will be 0x22FD60 while victim is running, and esp will point to the start of the buffer. You need to make sure that victim's return address on the stack is replaced with:

1) the value of ebp

2) the value of esp

3) 0x401050

4) 0xCAFEBEEF

PART 2: The address that victim is supposed to return to is present on the stack before the attack packet is received. Can the attack code save and use that address?

a) Yes

b) No

Explanation / Answer

Answer :

PART 1:

4) 0xCAFEBEEF

PART 2:

2)No (we cannot save the attack code save and use the address anymore further)

Related Questions

Navigate

• Browse (All)
• Browse 2
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.