sen-material: progs/README@c9f28c80bb08 (annotated)

392 4dff36e2bbc6 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 213 diff changeset	1	Virtual-Box
4dff36e2bbc6 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 213 diff changeset	2
410 d0a95f3aa65e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 403 diff changeset	3	Start "Linux Hacking"
d0a95f3aa65e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 403 diff changeset	4	login is cu
d0a95f3aa65e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 403 diff changeset	5	password is "test"
392 4dff36e2bbc6 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 213 diff changeset	6
393 cb308583d86c updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 392 diff changeset	7	The programs are under
392 4dff36e2bbc6 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 213 diff changeset	8
395 60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	9	cu$> app-material/progs
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	10
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	11
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	12	Programs can be updated using
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	13
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	14	hg pull
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	15	hg update
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	16	hg revert --all
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	17
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	18	Emacs can be used to edit files
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	19
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	20	emacs -nw ...file.... (is also an alias)
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	21
477 b2c5a721f360 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 470 diff changeset	22	Compiler
b2c5a721f360 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 470 diff changeset	23
b2c5a721f360 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 470 diff changeset	24	gcc -O0 -o file file.c
b2c5a721f360 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 470 diff changeset	25
b2c5a721f360 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 470 diff changeset	26	Backtick is key §/±.
395 60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	27
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	28	C0.c
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	29	====
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	30
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	31	Add the bigger string and the long is printed out differently.
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	32
402 fb0c844a26cf updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 400 diff changeset	33	foo("my string is too long !!!!! \x15\xcd\x5b\x07");
400 f05368d007dd updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 395 diff changeset	34
395 60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	35	C1.c
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	36	====
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	37
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	38	needs to be called using
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	39
470 6764a249118a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 467 diff changeset	40	./C1 `./args1-good`
6764a249118a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 467 diff changeset	41	./C1 `./args1-bad`
395 60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	42
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	43	or in gdb using
392 4dff36e2bbc6 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 213 diff changeset	44
395 60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	45	gdb --args ./C1 `args1-bad`
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	46
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	47
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	48	C2.c
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	49	====
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	50
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	51	called with
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	52
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	53	./args2-good \| ./C2
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	54	./args2-bad \| ./C2
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	55
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	56	C3.c
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	57	====
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	58	(shell injection)
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	59
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	60	called with
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	61
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	62	./C3
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	63
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	64	opens a new shell
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	65
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	66
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	67	C4.c
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	68	====
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	69	Format string attack
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	70
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	71	./C4 "%s"
60f64793266f added assembly programs Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 393 diff changeset	72	./C4 `./args4`
392 4dff36e2bbc6 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 213 diff changeset	73
403 92c49c160b24 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 402 diff changeset	74	This vulnerability does not need the defences, but prints out
92c49c160b24 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 402 diff changeset	75	the string only correctly with `./args4`. The %s option needs
92c49c160b24 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 402 diff changeset	76
92c49c160b24 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 402 diff changeset	77	-mpreferred-stack-boundary=2
392 4dff36e2bbc6 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 213 diff changeset	78
4dff36e2bbc6 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 213 diff changeset	79
479 f76074ed6c9e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 477 diff changeset	80	C6.c
f76074ed6c9e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 477 diff changeset	81	====
f76074ed6c9e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 477 diff changeset	82	Enter the password :
f76074ed6c9e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 477 diff changeset	83	hhhhhhhhhhhhhhhhhhhh
f76074ed6c9e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 477 diff changeset	84
f76074ed6c9e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 477 diff changeset	85	Wrong Password
f76074ed6c9e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 477 diff changeset	86	Root privileges given to the user
f76074ed6c9e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 477 diff changeset	87
392 4dff36e2bbc6 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 213 diff changeset	88	------------------------------------
4dff36e2bbc6 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 213 diff changeset	89
213 9c2fa54c7c2d updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 212 diff changeset	90	to switch off address randomization
9c2fa54c7c2d updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 212 diff changeset	91
9c2fa54c7c2d updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 212 diff changeset	92	echo 0 \| sudo tee /proc/sys/kernel/randomize_va_space
9c2fa54c7c2d updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 212 diff changeset	93
9c2fa54c7c2d updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 212 diff changeset	94
212 1d2744383b7a added readme Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	95
1d2744383b7a added readme Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	96	C0.c
1d2744383b7a added readme Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	97
1d2744383b7a added readme Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	98	add to string
1d2744383b7a added readme Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	99
1d2744383b7a added readme Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	100	" \x15\xcd\x5b\x07"
1d2744383b7a added readme Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	101
1d2744383b7a added readme Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	102	to get
1d2744383b7a added readme Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	103
1d2744383b7a added readme Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	104	foo("my string is too long !!!!! \x15\xcd\x5b\x07");

author	Christian Urban <urbanc@in.tum.de>
	Sun, 24 Sep 2017 17:51:31 +0100
changeset 528	c9f28c80bb08
parent 479	f76074ed6c9e
child 546	3d1f65e43065
permissions	-rw-r--r--