assignment 757

The program bmptool contains a number of exploitable bugs. Reverse engineer the program to locate the vulnerabilities, and hand in the following:

  1. A commented dissassembly of a function which contains a stack based vulnerability (stack buffer overflow or format string vulnerability). Include enough details to demonstrate that you know why the function is vulnerable, and how this vulnerability can be exploited.
  2. A drawing of the stack layout of the function from (1), describing the layout at the time of exploitation.
  3. A self-contained (i.e., if it needs files on disk, it must write the files first) exploit for the vulnerability from (1). You are free to choose any (publicly documented) programming language for your exploit. You may use shellcode from the previous assignments, or write a new one. Document your code well.
  4. A commented dissassembly of a function which contains a heap vulnerability (heap buffer overflow, use after free, write-what-where or similar). Include enough details to demonstrate that you know why the function is vulnerable, and how this vulnerability can be exploited.
  5. A drawing of the heap layout of the relevant chunks from (4), describing the layout at the time of exploitation.
  6. A self-contained (i.e., if it needs files on disk, it must write the files first) exploit for the vulnerability from (4). You are free to choose any (publicly documented) programming language for your exploit. You may use shellcode from the previous assignments, or write a new one. Document your code well.

If your code from (3) and (6) needs a build step, you should include a Makefile or build.sh

 
Do you need a similar assignment done for you from scratch? Order now!
Use Discount Code "Newclient" for a 15% Discount!