This is a school project which involves reverse engineering and exploiting a stack. Here is part of the description:
The most sophisticated form of buffer overflow attack causes the program
to execute some exploit code that changes the program’s register/memory
state, but makes the program return to the original calling function
(test in this case). The calling function is oblivious to the attack.
This style of attack is tricky, though, since you must: 1) get machine
code onto the stack, 2) set the return pointer to the start of this code,
and 3) undo any corruptions made to the stack state.
Your job for this level is to supply an exploit string that will cause
getbuf to return your cookie back to test, rather than the value 1. You
can see in the code for test that this will cause the program to go
“Boom!.” Your exploit code should set your cookie as the return value,
restore any corrupted state, push the correct return location on the
stack, and execute a ret instruction to really return to test.
Some Advice:
• You can use GDB to get the information you need to construct your
exploit string. Set a breakpoint within getbuf and run to this breakpoint.
Determine parameters such as the saved return address.
• Determining the byte encoding of instruction sequences by hand is
tedious and prone to errors. You can let tools do all of the work by
writing an assembly code file containing the instructions and data
you want to put on the stack. Assemble this file with GCC and disassemble
it with OBJDUMP. You should be able to get the exact byte sequence
that you will type at the prompt. (A brief example of how to do this
is included at the end of this writeup.)
Once you complete this level, pause to reflect on what you have
accomplished. You caused a program to execute machine code of your
own design. You have done so in a sufficiently stealthy way that
the program did not realize that anything was amiss.
This is one phase. I need this and one more easier phase done ASAP so please let me know if you are interested.
I can do this within 24 hours. I've successfully done several versions of CSAPP buffer labs (from the book website, from a Coursera course, from other schools).
Looking forward to your message!