Reading Questions

Remember to submit your answer to this question before the next class.
Compile this program, a.c, with gcc:

    #include <stdlib.h>
    int main() { system("ls -l"); return 0; }

and try to find out the address of the function system (you may want to read the paper for the details of the technique). Write down the address you've found. Then repeat the process a second time, and again write down the address of the function system. Are the two addresses the same or not? What's the challenge when you perform a return-to-libc attack on your machine?
Now compile this program again with:

    gcc -static a.c

and then find out the address for system (Hint: don't use gdb, use objdump instead). Can you attack this program with return-to-libc? Why?