\documentclass{article}\usepackage{../style}\begin{document}\section*{Homework 3}\HEADER\begin{enumerate}\item How does a buffer-overflow attack work? (Hint: What happens on the stack.)\item Why is it crucial for a buffer overflow attack that the stack grows from higher addresses to lower ones?\item What does it mean for the stack to be executable and why is this important for a buffer overflow attack?\item If the attacker uses a buffer overflow attack in order to inject code, why can this code not contain any zero bytes?\item How does a stack canary help with preventing a buffer-overflow attack?\item Why does randomising the addresses from where programs are run help defending against buffer overflow attacks?\item What is a format string attack?\item Assume format string attacks allow you to read out the stack. What can you do with this information? (Hint: Consider what is stored in the stack.)\item Assume you can crash a program remotely. Why is this a problem?\item How can the choice of a programming language help with buffer overflow attacks? (Hint: Why are C-programs prone to such attacks, but not Java programs.)\item When filling the buffer that is attacked with a payload (starting a shell), what is the purpose of padding the string at the beginning with NOP-instructions.\item \POSTSCRIPT\end{enumerate}\end{document}%%% Local Variables: %%% mode: latex%%% TeX-master: t%%% End: