Embedded Files
LOG INTO DETERLAB
LOG INTO DETERLAB
Ask teacher for username and password, then use them to log into Deterlab at:
LOG INTO THE EXPERIMENT
LOG INTO THE EXPERIMENT
Click on XDC, then click on Jupyter link and then on Terminal app
Type su - yourusername
Type ssh buffer
CREATE A FOLDER FOR YOU
CREATE A FOLDER FOR YOU
type:
mkdir yourfoldername
cp /tmp/buffer/app.cc /tmp/buffer/Makefile yourfoldername
cd yourfoldername
TRY OUT buffer overflow
TRY OUT buffer overflow
Compile the app, type: make
Run the app, type: ./app
Read the code of the app, figure out how long string to input to overflow the buffer. Try it out. What happened?
PATCH the code
PATCH the code
Try using strncpy instead of strcpy. strncpy takes as third argument how many bytes to copy so strncpy(a, b, 10) would only copy 10 bytes from b into a. You can edit the code by typing nano app.cc and following instructions shown at the bottom of your screen to save the file and exit (save is CTRL+S, exit is CTRL+X)
Compile the app, type: make
Run the app, type: ./app
Try your attack again. Did it work?
Page updated
Google Sites
Report abuse