\documentclass{article}\usepackage{../style}\begin{document}\section*{Homework 3}\HEADER\begin{enumerate}\item How does a buffer-overflow attack work? (Hint: What happens on the stack.)\item Why is it crucial for a buffer overflow attack that the stack grows from higher addresses to lower ones?\item If the attacker uses a buffer overflow attack in order toinject code, why can this code not contain any zero bytes?\item How does a stack canary help with preventing a buffer-overflow attack?\item Why does randomising the addresses from where programs are run help defending against buffer overflow attacks?\item Assume format string attacks allow you to read out the stack. What can you do with this information? (Hint: Consider what is stored in the stack.)\item Assume you can crash a program remotely. Why is this a problem?\item How can the choice of a programming language help with buffer overflow attacks? (Hint: Why are C-programs prone to such attacks, but not Java programs.)\item When filling the buffer that is attacked with apayload (starting a shell), what is the purpose of padding the string at the beginning with NOP-instructions. \end{enumerate}\end{document}%%% Local Variables: %%% mode: latex%%% TeX-master: t%%% End: