In order to exploit the DirtyCOW vulnerability, is it possible to use two processes instead of two threads?
Added by Jennifer P.
Step 1
DirtyCOW (CVE-2016-5195) is a race condition in the Linux kernel's copy-on-write (COW) mechanism that allows an unprivileged user to gain write access to read-only memory mappings.
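Added example, not part of the original answer: the copy-on-write guarantee that the race described above violates, checked across two processes on a correctly behaving kernel. A write to a MAP_PRIVATE mapping of a file opened read-only must land in a private page copy, so neither the file nor another process's view changes. The function name, scratch path and sample strings are constructed for illustration.

```c
#include <fcntl.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper (not from the page). Returns -1 on setup failure, else a bitmask:
 *   bit 0 (1): file contents unchanged after the child's write
 *   bit 1 (2): parent's view of the mapping unchanged after the child's write */
int cow_isolation_check(void)
{
    char path[] = "/tmp/cow_demo_XXXXXX";          /* constructed scratch file */
    const char orig[] = "ORIGINAL", patch[] = "CHILDMOD";
    const size_t len = sizeof orig - 1;
    char disk[sizeof orig] = {0};
    char *map = MAP_FAILED;
    int result = -1, status = 0, rfd = -1;
    pid_t pid;

    int wfd = mkstemp(path);
    if (wfd < 0)
        return -1;
    if (write(wfd, orig, len) == (ssize_t)len)
        rfd = open(path, O_RDONLY);                /* read-only descriptor for the mapping */
    close(wfd);
    if (rfd >= 0)                                  /* MAP_PRIVATE needs only read access */
        map = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE, rfd, 0);
    if (map == MAP_FAILED)
        goto out;

    pid = fork();                                  /* child gets its own address space */
    if (pid == 0) {
        memcpy(map, patch, len);                   /* write fault: kernel copies the page */
        _exit(memcmp(map, patch, len) == 0 ? 0 : 1);
    }
    if (pid > 0 && waitpid(pid, &status, 0) == pid &&
        WIFEXITED(status) && WEXITSTATUS(status) == 0 &&
        pread(rfd, disk, len, 0) == (ssize_t)len) {
        result = 0;
        if (memcmp(disk, orig, len) == 0) result |= 1;   /* file untouched */
        if (memcmp(map, orig, len) == 0)  result |= 2;   /* parent's view untouched */
    }
    munmap(map, len);
out:
    if (rfd >= 0) close(rfd);
    unlink(path);
    return result;
}
```

A return value of 3 means both isolation properties held; any other non-negative value means a private write leaked into the file or into the other process's view.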
Recommended Videos
CECS 378 Lab 3 Buffer Overflow 60 points

Assignment Description: This assignment focuses on buffer overflow attacks and how they can be carried out on poorly-programmed system programs. You may not be able to complete this assignment on a modern operating system as there are canaries built-in modern shells (such as kernels) to prevent such things from occurring. We recommend using an older Linux distribution in a virtual machine for this assignment (something prior to Linux kernel version 2.4). However, you are welcome to attempt this on a modern OS and see if you can get it to work. Review the article "Smashing the Stack for Fun and Profit" for a very good, detailed introduction on stack smashing attacks.

Assignment: Given the following C code file, perform a stack smash on the vulnerable code file. Write a C program that can create a named exploit. Your program should attempt to open up your shell on the attacked system. Test this by typing the command "whoami" in the resulting terminal. The exploit code must be compiled into its own separate program and must not be altered from its original state.

    #include <stdio.h>
    #include <string.h>

    /* Declared before use so that main() can call it */
    void exploitable(char *arg);

    int main(int argc, char **argv) {
        char buffer[193];
        char client[100];
        int dl = 100;
        // Call exploitable function with the first command-line argument
        exploitable(argv[1]);
        // Return everything is OK
        return 0;
    }

    void exploitable(char *arg) {
        // Make some stack space
        char buffer[10];
        // Copy the buffer (unbounded copy: the intended overflow)
        strcpy(buffer, arg);
        // Print the buffer
        printf("The buffer says: %s ", buffer);
        // Return everything
        return;
    }

Note: When running many versions of Linux, you may need to disable some address randomization.
Akash M.
Is it possible to have a deadlock involving only one single-threaded process? Explain your answer
Haricharan G.
Overview: The goal of this assignment is to exploit a "badly written" piece of code to gain root (administrator) access on a system. Do not use this code anywhere. The code called badcopy asks the user for two filenames; it then copies the contents of the first file (source) to the second file (destination). The code does not check if the second file exists, it just overwrites it. Since badcopy has setuid as root, to prevent users from copying restricted files, a file called .restricted is checked to make sure that none of the two strings entered are "restricted". If that is the case, the copying is not performed. As an attacker, think about ways to obtain a copy of this file and to bypass this restriction. Problem 1 - Find four unique exploits and write shell scripts for each exploit. Name your scripts exploit1.sh, exploit2.sh, exploit3.sh, and exploit4.sh. To determine if two exploits are unique, think about this. If you fixed the code to prevent the first exploit, does that also prevent the second exploit? If you answer yes, then the two exploits are not unique. If you are not sure, please contact the course staff. Important: At least one of your exploits must be a buffer overflow attack or ROP/return-to-libc or string format attack. The goal here is to get a root shell. In addition to the exploit scripts, create a text file explaining what vulnerability your exploit attacks and what your script does. Name your text file exploit1.txt, exploit2.txt, exploit3.txt, and exploit4.txt.