United States Naval Academy Electrical and Computer Engineering Department EC312-6 Week Midterm Spring 2016
|
|
- Theodore Williams
- 6 years ago
- Views:
Transcription
1 United States Naval Academy Electrical and Computer Engineering Department EC312-6 Week Midterm Spring Do a page check: you should have 7 pages including this cover sheet. 2. You have 50 minutes to complete this exam. 3. An FE-approved calculator may be used for this exam. Calculators may not be shared. 4. This is a closed book and closed notes exam. You may use one single-sided hand-written page of notes. 5. Turn in your single-sided hand-written page of notes with your exam. 6. This exam may be given as a makeup exam to several midshipmen at a later time. No communication is permitted concerning this exam with anyone who has not yet taken the exam. Name: Instructor: Page 1 of 7
2 Question 1. (4 pts) For an NPN transistor which of the following are true? Circle ALL that apply. a. When properly biased, IB<IE b. Has 3 terminals: Base, Ground, and Emitter. c. When properly biased, both junctions are forward biased. d. Can be used to create digital logic circuits. Question 2. For the logic circuit shown below: 1) (8 pts) Complete the truth table. 2) (4 pts) Determine the Boolean expression for the output Z in terms of A, B & C. A B V Z A B C V W X Y Z C W X Y Z = Question 3. (4 pts) What feature of C makes a buffer overflow attack possible? Describe this feature. Page 2 of 7
3 Question 4. (8 pts) What will be the output of this program when it is compiled and run? #include <stdio.h> int main() int j,i=0; for ( j = 3 ; j > 0 ; j = j - 2 ) i=i+j; printf("%d: %d\n", j, i); Question 5. (4 pts) Circle the correct statement. (i) The text segment grows from the top down, the heap is fixed, and the stack grows from the bottom up. (ii) (iii) (iv) The text segment is fixed, the heap grows from the top down, and the stack grows from the bottom up. The text segment is fixed, the heap grows from the bottom up, and the stack grows from the top down. The text segment grows from the top down, the heap grows from the bottom up, and the stack is fixed. Question 6. (6 pts) Match the following: ebp RAM CPU char machine code high-level language Boolean pointer gcc gdb eip esp a. program instructions stored in binary format b. debugging program c. a register that holds the address of the bottom of the stack d. a register that holds the next instruction to be executed e. contains registers f. examples are C and Java g. true or false h. holds ASCII values i. variable that stores an address j. main memory k. address of the top of the stack l. program used to compile programs Page 3 of 7
4 Address Value Description 0xBFFFF7F4 0xBFFFF7F5 0xBFFFF7F6 0xBFFFF7F7 0xBFFFF7F8 0xBFFFF7F9 0xBFFFF7FA 0xBFFFF7FB 0xBFFFF7FC 0xBFFFF7FD 0xBFFFF7FE 0xBFFFF7FF 0xBFFFF800 esp-main points here 0xBFFFF801 0xBFFFF802 0xBFFFF803 0xBFFFF xBFFFF xBFFFF xBFFFF xBFFFF xBFFFF xBFFFF80A 00 0xBFFFF80B 00 0xBFFFF80C E4 ebp-main points here Question 7. Suppose a breakpoint is set at line 4 and 10 in the code below, and the program is run up until the first breakpoint using gdb. The stack is shown to the above including the ebp and esp locations. For the questions that follow, assume that the compiler doesn t add any padding between items it stores on the stack. 1 int square(int num) 2 3 int result = num*num; 4 return result; 5 6 int main() 7 8 int a = 5; 9 int a_squared = 0; 10 a_squared = square(a); 11 (a) (4 pts) If you typed i r ebp at this point in program execution, what address will be given? (b) (4 pts) The program is run until the next breakpoint. Add the following labels in the Description column: function argument a, return_address, prior_ebp (or saved ebp), and function variable result. (c) (2 pts) Add the following labels in the Description column to where the esp and ebp currently point with the labels: esp-square points here and ebp-square points here (d) (4 pts) If you typed i r ebp at this point in program execution, what address will be given? (e) (8 pts) If the return address is 0x , fill in the values for all the items you labeled in the Value column. Page 4 of 7
5 Question 8. Consider the C program below. The program is run up to a breakpoint on line #include<stdio.h> #include<string.h> int main() char slogan[10]= Go Navy ; char *ptr1=slogan; char *ptr2=ptr1+3; strcpy(ptr1, Beat Army ); printf("\n%s", slogan ); printf("\n%s", ptr2 ); The picture below shows a portion of main memory. Each box in the figure represents one byte of storage. Assume no padding. Address Value Description Address Value Description 0xBFFFF 0xBFFFF 0xBFFFF 0xBFFFF 0xBFFFF esp points here 0xBFFFF 0xBFFFF 0xBFFFF 0xBFFFF 0xBFFFF 47 0xBFFFF 0xBFFFF6EF 6f 0xBFFFF 0xBFFFF 20 0xBFFFF 0xBFFFF 4e 0xBFFFF 0xBFFFF 61 0xBFFFF 0xBFFFF 76 0xBFFFF 0xBFFFF 79 0xBFFFF 0xBFFFF 00 0xBFFFF 0xBFFFF 81 0xBFFFF 0xBFFFF 88 ebp points here (a) (3 pts) Complete the addresses in the Address column. (b) (4 pts) Assuming that the compiler doesn't add any padding (i.e. extra space) when loading variables onto the stack, indicate the locations where slogan, ptr1, and ptr2 are stored in memory in the Description column. (c) (8 pts) Enter the values for ptr1 and ptr2 in the Value column. Question 9. (4 pts) What does the following code do? char *ptr1; ptr1 = (char *) malloc(10); Page 5 of 7
6 Question 10. Consider the file listing shown below. - rwxr-x--- l joe ultusers :13 awesomeprogram.exe (a) (3 pts) Who is the owner of this file? (b) (3 pts) Who can execute this file? Question 11. (5 pts) List and describe a defense against a buffer overflow attack. Page 6 of 7
7 Question 12. Consider the program below, named Classes.c. #include<stdio.h> int main() int importantnumber=2003; int class=2017; char alpha[7]; char name[10]; printf( Enter your name: ); scanf( %s, name ); printf( Enter your alpha #: ); scanf( %s, alpha ); printf("\n MIDN %s (%s): Class of %d may be great, but the Class of %d was better!\n", name, alpha, class, importantnumber); Assume that no padding (extra space) is created when variables are loaded on the stack. (10 pts) If an enterprising midshipman wants to use a buffer overflow attack to completely overwrite the value of the variable importantnumber, what is the minimum number of characters they would have to enter when prompted to enter their name? Justify your reasoning by including a diagram of the program stack. Turn in your equation sheet with your exam! Page 7 of 7
United States Naval Academy Electrical and Computer Engineering Department EC310-6 Week Midterm Spring 2015
United States Naval Academy Electrical and Computer Engineering Department EC310-6 Week Midterm Spring 2015 1. Do a page check: you should have 8 pages including this cover sheet. 2. You have 50 minutes
More informationUnited States Naval Academy Electrical and Computer Engineering Department EC310-6 Week Midterm Spring AY2017
United States Naval Academy Electrical and Computer Engineering Department EC310-6 Week Midterm Spring AY2017 1. Do a page check: you should have 8 pages including this cover sheet. 2. You have 50 minutes
More information6 WEEK EXAM NAME: ALPHA: SECTION:
6 WEEK EXAM NAME: ALPHA: SECTION: 1. This is individual work. 2. SHOW ALL WORK! 3. Write legibly to receive credit. 4. Turn in your equation sheet. SCORE: /100 SCALE >89.5%: 31337 79.5 89.5%: H@XX0R 69.5
More informationEC312 Chapter 5: Intro to Pointers
Objectives: EC312 Chapter 5: Intro to Pointers (a) Explain the operation of the address operator. (b) Given the source code of a C program which uses pointers, and the output of the debugger, locate the
More informationEC312 Chapter 4: Arrays and Strings
Objectives: (a) Describe how an array is stored in memory. (b) Define a string, and describe how strings are stored. EC312 Chapter 4: Arrays and Strings (c) Describe the implications of reading or writing
More informationChapter 7: User Defined Functions and Stack Mechanics
Chapter 7: User Defined Functions and Stack Mechanics Objectives: (a) Demonstrate the ability to analyze simple programs that use library and user defined functions. (b) Describe the organization and contents
More informationChapter 3: Arrays and More C Functionality
Chapter 3: Arrays and More C Functionality Objectives: (a) Describe how an array is stored in memory. (b) Define a string, and describe how strings are stored. (c) Describe the implications of reading
More informationCNIT 127: Exploit Development. Ch 2: Stack Overflows in Linux
CNIT 127: Exploit Development Ch 2: Stack Overflows in Linux Stack-based Buffer Overflows Most popular and best understood exploitation method Aleph One's "Smashing the Stack for Fun and Profit" (1996)
More informationENEE 457: Computer Systems Security. Lecture 16 Buffer Overflow Attacks
ENEE 457: Computer Systems Security Lecture 16 Buffer Overflow Attacks Charalampos (Babis) Papamanthou Department of Electrical and Computer Engineering University of Maryland, College Park Buffer overflow
More informationCS 392/681 Lab 6 Experiencing Buffer Overflows and Format String Vulnerabilities
CS 392/681 Lab 6 Experiencing Buffer Overflows and Format String Vulnerabilities Given: November 13, 2003 Due: November 20, 2003 1 Motivation Buffer overflows and format string vulnerabilities are widespread
More informationProject 1 Notes and Demo
Project 1 Notes and Demo Overview You ll be given the source code for 7 short buggy programs (target[1-7].c). These programs will be installed with setuid root Your job is to write exploits (sploit[1-7].c)
More informationDalhousie University CSCI 2132 Software Development Winter 2018 Midterm Examination II March 12 15:37-16:24
Dalhousie University CSCI 2132 Software Development Winter 2018 Midterm Examination II March 12 15:37-16:24 Student Name: Student ID Number: FCS Username (CSID): Signature: Please Note: These solutions
More informationLinux Memory Layout. Lecture 6B Machine-Level Programming V: Miscellaneous Topics. Linux Memory Allocation. Text & Stack Example. Topics.
Lecture 6B Machine-Level Programming V: Miscellaneous Topics Topics Linux Memory Layout Understanding Pointers Buffer Overflow Upper 2 hex digits of address Red Hat v. 6.2 ~1920MB memory limit FF C0 Used
More informationClass Information ANNOUCEMENTS
Class Information ANNOUCEMENTS Third homework due TODAY at 11:59pm. Extension? First project has been posted, due Monday October 23, 11:59pm. Midterm exam: Friday, October 27, in class. Don t forget to
More informationEE 312 Fall 2018 Midterm 1 Version A October 10, 2018
EE 312 Fall 2018 Midterm 1 Version A October 10, 2018 I promise that all work on this exam is my own, that I have not received assistance on it, and that I am adhering to the University's honor code. Name:
More informationCS Introduction to Programming Midterm Exam #2 - Prof. Reed Fall 2015
CS 141 - Introduction to Programming Midterm Exam #2 - Prof. Reed Fall 2015 You may take this test with you after the test, but you must turn in your answer sheet. This test has the following sections:
More informationbuffer overflow exploitation
buffer overflow exploitation Samuele Andreoli, Nicolò Fornari, Giuseppe Vitto May 11, 2016 University of Trento Introduction 1 introduction A Buffer Overflow is an anomaly where a program, while writing
More informationQuestion 4.2 2: (Solution, p 5) Suppose that the HYMN CPU begins with the following in memory. addr data (translation) LOAD 11110
Questions 1 Question 4.1 1: (Solution, p 5) Define the fetch-execute cycle as it relates to a computer processing a program. Your definition should describe the primary purpose of each phase. Question
More informationThe Edward S. Rogers Sr. Department of Electrical and Computer Engineering
ECE 468S Computer Security The Edward S. Rogers Sr. Department of Electrical and Computer Engineering Mid-term Examination, March 2006 Name Student # Answer all questions. Write your answers on the exam
More informationCS 261 Fall C Introduction. Variables, Memory Model, Pointers, and Debugging. Mike Lam, Professor
CS 261 Fall 2017 Mike Lam, Professor C Introduction Variables, Memory Model, Pointers, and Debugging The C Language Systems language originally developed for Unix Imperative, compiled language with static
More informationCSE 303: Concepts and Tools for Software Development
CSE 303: Concepts and Tools for Software Development Hal Perkins Winter 2009 Lecture 7 Introduction to C: The C-Level of Abstraction CSE 303 Winter 2009, Lecture 7 1 Welcome to C Compared to Java, in rough
More informationCSE 351. GDB Introduction
CSE 351 GDB Introduction Lab 2 Out either tonight or tomorrow Due April 27 th (you have ~12 days) Reading and understanding x86_64 assembly Debugging and disassembling programs Today: General debugging
More informationLecture 20. Delta Debugging Regression Testing. EE 382V Spring 2009 Software Evolution - Instructor Miryung Kim
Lecture 20 Delta Debugging Regression Testing EE 382V Spring 2009 Software Evolution - Instructor Miryung Kim Today s Agenda Regression Testing Delta Debugging: Presentation by Divya (advocate) Presentation
More informationProgramming Studio #9 ECE 190
Programming Studio #9 ECE 190 Programming Studio #9 Concepts: Functions review 2D Arrays GDB Announcements EXAM 3 CONFLICT REQUESTS, ON COMPASS, DUE THIS MONDAY 5PM. NO EXTENSIONS, NO EXCEPTIONS. Functions
More informationSample Midterm (Spring 2010)
Sample Midterm (Spring 2010) Solutions are shown in this style. This exam was given in Spring 2010. 1. Executing Programs on IA32 (30 pts) The following questions relate to how programs are compiled for
More informationQ1: /20 Q2: /30 Q3: /24 Q4: /26. Total: /100
ECE 2035(B) Programming for Hardware/Software Systems Fall 2013 Exam Two October 22 nd 2013 Name: Q1: /20 Q2: /30 Q3: /24 Q4: /26 Total: /100 1/6 For functional call related questions, let s assume the
More informationStack Tutorial. Young W. Lim Sat. Young W. Lim Stack Tutorial Sat 1 / 15
Stack Tutorial Young W. Lim 2016-10-15 Sat Young W. Lim Stack Tutorial 2016-10-15 Sat 1 / 15 Outline 1 Introduction References Stack Background Transferring Control Young W. Lim Stack Tutorial 2016-10-15
More informationCS 161 Computer Security. Week of January 22, 2018: GDB and x86 assembly
Raluca Popa Spring 2018 CS 161 Computer Security Discussion 1 Week of January 22, 2018: GDB and x86 assembly Objective: Studying memory vulnerabilities requires being able to read assembly and step through
More informationCNIT 127: Exploit Development. Ch 1: Before you begin. Updated
CNIT 127: Exploit Development Ch 1: Before you begin Updated 1-14-16 Basic Concepts Vulnerability A flaw in a system that allows an attacker to do something the designer did not intend, such as Denial
More informationBuffer-Overflow Attacks on the Stack
Computer Systems Buffer-Overflow Attacks on the Stack Introduction A buffer overflow occurs when a program, while writing data to a buffer, overruns the buffer's boundary and overwrites memory in adjacent
More informationAssignment 4 Buffer Overflows
LEIC/MEIC - IST Alameda LEIC/MEIC/MERC IST Taguspark DEASegInf Network and Computer Security 2012/2013 Assignment 4 Buffer Overflows Goal Exploit buffer overflow vulnerabilities. 1. Introduction Log in
More informationComputer Systems Lecture 9
Computer Systems Lecture 9 CPU Registers in x86 CPU status flags EFLAG: The Flag register holds the CPU status flags The status flags are separate bits in EFLAG where information on important conditions
More informationScientific Programming in C IX. Debugging
Scientific Programming in C IX. Debugging Susi Lehtola 13 November 2012 Debugging Quite often you spend an hour to write a code, and then two hours debugging why it doesn t work properly. Scientific Programming
More informationC Introduction. Comparison w/ Java, Memory Model, and Pointers
CS 261 Fall 2018 Mike Lam, Professor C Introduction Comparison w/ Java, Memory Model, and Pointers Please go to socrative.com on your phone or laptop, choose student login and join room LAMJMU The C Language
More informationCS16 Midterm Exam 1 E01, 10S, Phill Conrad, UC Santa Barbara Wednesday, 04/21/2010, 1pm-1:50pm
CS16 Midterm Exam 1 E01, 10S, Phill Conrad, UC Santa Barbara Wednesday, 04/21/2010, 1pm-1:50pm Name: Umail Address: @ umail.ucsb.edu Circle Lab section: 9am 10am 11am noon (Link to Printer Friendly-PDF
More informationFinal Exam 1 /12 2 /12 3 /10 4 /7 5 /4 6 /10 7 /8 8 /9 9 /8 10 /11 11 /8 12 /10 13 /9 14 /13 15 /10 16 /10 17 /12. Faculty of Computer Science
Faculty of Computer Science Page 1 of 21 Final Exam Term: Fall 2018 (Sep4-Dec4) Student ID Information Last name: First name: Student ID #: CS.Dal.Ca userid: Course ID: CSCI 2132 Course Title: Instructor:
More informationNon-stack Based Exploitation of Buffer Overrun Vulnerabilities on Windows NT/2000/XP
A NGSSoftware Insight Security Research Publication Non-stack Based Exploitation of Buffer Overrun Vulnerabilities on Windows NT/20/XP David Litchfield (david@ngssoftware.com) 5 th March 22 www.ngssoftware.com
More informationCSE 361S Intro to Systems Software Lab Assignment #4
Due: Thursday, October 23, 2008. CSE 361S Intro to Systems Software Lab Assignment #4 In this lab, you will mount a buffer overflow attack on your own program. As stated in class, we do not condone using
More informationCSE 124 Discussion (10/3) C/C++ Basics
CSE 124 Discussion (10/3) C/C++ Basics Topics - main() function - Compiling with gcc/makefile - Primitives - Structs/Enums - Function calls/loops - C++ Classes/stdtl - Pointers/Arrays - Memory allocation/freeing
More informationSchool of Computer Science Introduction to Algorithms and Programming Winter Midterm Examination # 1 Wednesday, February 11, 2015
Page 1 of 8 School of Computer Science 60-141-01 Introduction to Algorithms and Programming Winter 2015 Midterm Examination # 1 Wednesday, February 11, 2015 Marking Exemplar Duration of examination: 75
More informationBasic Buffer Overflows
Operating Systems Security Basic Buffer Overflows (Stack Smashing) Computer Security & OS lab. Cho, Seong-je ( 조성제 ) Fall, 2018 sjcho at dankook.ac.kr Chapter 10 Buffer Overflow 2 Contents Virtual Memory
More informationCSci 4061 Introduction to Operating Systems. Programs in C/Unix
CSci 4061 Introduction to Operating Systems Programs in C/Unix Today Basic C programming Follow on to recitation Structure of a C program A C program consists of a collection of C functions, structs, arrays,
More informationWhen you add a number to a pointer, that number is added, but first it is multiplied by the sizeof the type the pointer points to.
Refresher When you add a number to a pointer, that number is added, but first it is multiplied by the sizeof the type the pointer points to. i.e. char *ptr1 = malloc(1); ptr1 + 1; // adds 1 to pointer
More information15-213/18-243, Fall 2010 Exam 1 - Version A
Andrew login ID: Full Name: Section: 15-213/18-243, Fall 2010 Exam 1 - Version A Tuesday, September 28, 2010 Instructions: Make sure that your exam is not missing any sheets, then write your Andrew login
More informationPractical Malware Analysis
Practical Malware Analysis Ch 4: A Crash Course in x86 Disassembly Revised 1-16-7 Basic Techniques Basic static analysis Looks at malware from the outside Basic dynamic analysis Only shows you how the
More informationCSCI-243 Exam 1 Review February 22, 2015 Presented by the RIT Computer Science Community
CSCI-243 Exam 1 Review February 22, 2015 Presented by the RIT Computer Science Community http://csc.cs.rit.edu History and Evolution of Programming Languages 1. Explain the relationship between machine
More informationCMSC 313 COMPUTER ORGANIZATION & ASSEMBLY LANGUAGE PROGRAMMING
CMSC 313 COMPUTER ORGANIZATION & ASSEMBLY LANGUAGE PROGRAMMING LECTURE 16, SPRING 2013 TOPICS TODAY Project 6 Perils & Pitfalls of Memory Allocation C Function Call Conventions in Assembly Language PERILS
More informationIntroduction to Computer Systems , fall th Lecture, Sep. 28 th
Introduction to Computer Systems 15 213, fall 2009 9 th Lecture, Sep. 28 th Instructors: Majd Sakr and Khaled Harras Last Time: Structures struct rec { int i; int a[3]; int *p; }; Memory Layout i a p 0
More informationStack overflow exploitation
Stack overflow exploitation In order to illustrate how the stack overflow exploitation goes I m going to use the following c code: #include #include #include static void
More informationRuntime Defenses against Memory Corruption
CS 380S Runtime Defenses against Memory Corruption Vitaly Shmatikov slide 1 Reading Assignment Cowan et al. Buffer overflows: Attacks and defenses for the vulnerability of the decade (DISCEX 2000). Avijit,
More informationCSC 2400: Computer Systems. Using the Stack for Function Calls
CSC 24: Computer Systems Using the Stack for Function Calls Lecture Goals Challenges of supporting functions! Providing information for the called function Function arguments and local variables! Allowing
More informationBUFFER OVERFLOW. Jo, Heeseung
BUFFER OVERFLOW Jo, Heeseung IA-32/LINUX MEMORY LAYOUT Heap Runtime stack (8MB limit) Dynamically allocated storage When call malloc(), calloc(), new() DLLs (shared libraries) Data Text Dynamically linked
More informationBuffer Overflow. Jo, Heeseung
Buffer Overflow Jo, Heeseung IA-32/Linux Memory Layout Heap Runtime stack (8MB limit) Dynamically allocated storage When call malloc(), calloc(), new() DLLs (shared libraries) Data Text Dynamically linked
More informationBuffer Overflow. Jin-Soo Kim Computer Systems Laboratory Sungkyunkwan University
Buffer Overflow Jin-Soo Kim (jinsookim@skku.edu) Computer Systems Laboratory Sungkyunkwan University http://csl.skku.edu IA-32/Linux Memory Layout Runtime stack (8MB limit) Heap Dynamically allocated storage
More informationCSC 591 Systems Attacks and Defenses Return-into-libc & ROP
CSC 591 Systems Attacks and Defenses Return-into-libc & ROP Alexandros Kapravelos akaprav@ncsu.edu NOEXEC (W^X) 0xFFFFFF Stack Heap BSS Data 0x000000 Code RW RX Deployment Linux (via PaX patches) OpenBSD
More informationCSCI 2132 Final Exam Solutions
Faculty of Computer Science 1 CSCI 2132 Final Exam Solutions Term: Fall 2018 (Sep4-Dec4) 1. (12 points) True-false questions. 2 points each. No justification necessary, but it may be helpful if the question
More informationFinal CSE 131B Spring 2004
Login name Signature Name Student ID Final CSE 131B Spring 2004 Page 1 Page 2 Page 3 Page 4 Page 5 Page 6 Page 7 Page 8 (25 points) (24 points) (32 points) (24 points) (28 points) (26 points) (22 points)
More informationCSC 2400: Computing Systems. X86 Assembly: Function Calls"
CSC 24: Computing Systems X86 Assembly: Function Calls" 1 Lecture Goals! Challenges of supporting functions" Providing information for the called function" Function arguments and local variables" Allowing
More informationMIDTERM TEST EESC 2031 Software Tools June 13, Last Name: First Name: Student ID: EECS user name: TIME LIMIT: 110 minutes
MIDTERM TEST EESC 2031 Software Tools June 13, 2017 Last Name: First Name: Student ID: EECS user name: TIME LIMIT: 110 minutes This is a closed-book test. No books and notes are allowed. Extra space for
More informationDynamic Memory Allocation
Dynamic Memory Allocation The process of allocating memory at run time is known as dynamic memory allocation. C does not Inherently have this facility, there are four library routines known as memory management
More informationIsolating and Locating Cause-Effect Chains. bug.c. What is the cause of this failure? What do we do now? Andreas Zeller
Isolating and Locating Cause-Effect Chains Andreas Zeller 1 bug.c double bug(double z[], int n) { int i, j; } i = 0; for (j = 0; j < n; j++) { i = i + j + 1; z[i] = z[i] * (z[0] + 1.0); } return z[n];
More informationBuffer Overflows. Buffer Overflow. Many of the following slides are based on those from
s Many of the following slides are based on those from 1 Complete Powerpoint Lecture Notes for Computer Systems: A Programmer's Perspective (CS:APP) Randal E. Bryant and David R. O'Hallaron http://csapp.cs.cmu.edu/public/lectures.html
More informationBuffer-Overflow Attacks on the Stack
Computer Systems Buffer-Overflow Attacks on the Stack Introduction A buffer overflow occurs when a program, while writing data to a buffer, overruns the buffer's boundary and overwrites memory in adjacent
More informationINDIAN INSTITUTE OF TECHNOLOGY KHARAGPUR Stamp / Signature of the Invigilator
INDIAN INSTITUTE OF TECHNOLOGY KHARAGPUR Stamp / Signature of the Invigilator EXAMINATION ( End Semester ) SEMESTER ( Spring ) Roll Number Section Name Subject Number C S 1 0 0 0 1 Subject Name Programming
More informationFunctions. Arash Rafiey. September 26, 2017
September 26, 2017 are the basic building blocks of a C program. are the basic building blocks of a C program. A function can be defined as a set of instructions to perform a specific task. are the basic
More informationCSE 333 Midterm Exam 5/10/13
Name There are 5 questions worth a total of 100 points. Please budget your time so you get to all of the questions. Keep your answers brief and to the point. The exam is closed book, closed notes, closed
More informationMidterm Exam. CSCI 2132: Software Development. March 4, Marks. Question 1 (10) Question 2 (10) Question 3 (10) Question 4 (10) Question 5 (5)
Banner number: Name: Midterm Exam CSCI 2132: Software Development March 4, 2019 Marks Question 1 (10) Question 2 (10) Question 3 (10) Question 4 (10) Question 5 (5) Question 6 (5) Total (50) Instructions:
More informationCSC 2400: Computing Systems. X86 Assembly: Function Calls
CSC 24: Computing Systems X86 Assembly: Function Calls 1 Lecture Goals Challenges of supporting functions Providing information for the called function Function arguments and local variables Allowing the
More informationSecure Programming Lecture 3: Memory Corruption I (Stack Overflows)
Secure Programming Lecture 3: Memory Corruption I (Stack Overflows) David Aspinall, Informatics @ Edinburgh 24th January 2017 Outline Roadmap Memory corruption vulnerabilities Instant Languages and Runtimes
More informationMemory Allocation. General Questions
General Questions 1 Memory Allocation 1. Which header file should be included to use functions like malloc() and calloc()? A. memory.h B. stdlib.h C. string.h D. dos.h 2. What function should be used to
More information2 Sadeghi, Davi TU Darmstadt 2012 Secure, Trusted, and Trustworthy Computing Chapter 6: Runtime Attacks
Runtime attacks are major threats to today's applications Control-flow of an application is compromised at runtime Typically, runtime attacks include injection of malicious code Reasons for runtime attacks
More informationQuiz 0 Review Session. October 13th, 2014
Quiz 0 Review Session October 13th, 2014 Topics (non-exhaustive) Binary. ASCII. Algorithms. Pseudocode. Source code. Compiler. Object code. Scratch. Statements. Boolean expressions. Conditions. Loops.
More informationQ1: /8 Q2: /30 Q3: /30 Q4: /32. Total: /100
ECE 2035(A) Programming for Hardware/Software Systems Fall 2013 Exam Three November 20 th 2013 Name: Q1: /8 Q2: /30 Q3: /30 Q4: /32 Total: /100 1/10 For functional call related questions, let s assume
More informationCSE 332 Spring 2013: Midterm Exam (closed book, closed notes, no calculators)
Name: Email address: Quiz Section: CSE 332 Spring 2013: Midterm Exam (closed book, closed notes, no calculators) Instructions: Read the directions for each question carefully before answering. We will
More informationGDB Tutorial. Young W. Lim Thr. Young W. Lim GDB Tutorial Thr 1 / 24
GDB Tutorial Young W. Lim 2016-09-29 Thr Young W. Lim GDB Tutorial 2016-09-29 Thr 1 / 24 Outline 1 Introduction Young W. Lim GDB Tutorial 2016-09-29 Thr 2 / 24 Based on "Self-service Linux: Mastering the
More informationTime: 8:30-10:00 pm (Arrive at 8:15 pm) Location What to bring:
ECE 120 Midterm 1 HKN Review Session Time: 8:30-10:00 pm (Arrive at 8:15 pm) Location: Your Room on Compass What to bring: icard, pens/pencils, Cheat sheet (Handwritten) Overview of Review Binary IEEE
More informationECE 250 / CS 250 Computer Architecture. C to Binary: Memory & Data Representations. Benjamin Lee
ECE 250 / CS 250 Computer Architecture C to Binary: Memory & Data Representations Benjamin Lee Slides based on those from Alvin Lebeck, Daniel Sorin, Andrew Hilton, Amir Roth, Gershon Kedem Administrivia
More informationStack Vulnerabilities. CS4379/5375 System Security Assurance Dr. Jaime C. Acosta
1 Stack Vulnerabilities CS4379/5375 System Security Assurance Dr. Jaime C. Acosta Part 1 2 3 An Old, yet Still Valid Vulnerability Buffer/Stack Overflow ESP Unknown Data (unused) Unknown Data (unused)
More informationMake sure the version number is marked on your scantron sheet. This is Version 1
Last Name First Name McGill ID Make sure the version number is marked on your scantron sheet. This is Version 1 McGill University COMP 208 -- Computers in Engineering Mid-Term Examination Tuesday, March
More informationRoadmap: Security in the software lifecycle. Memory corruption vulnerabilities
Secure Programming Lecture 3: Memory Corruption I (introduction) David Aspinall, Informatics @ Edinburgh 24th January 2019 Roadmap: Security in the software lifecycle Security is considered at different
More informationGDB Tutorial. Young W. Lim Fri. Young W. Lim GDB Tutorial Fri 1 / 24
GDB Tutorial Young W. Lim 2016-02-19 Fri Young W. Lim GDB Tutorial 2016-02-19 Fri 1 / 24 Outline 1 Introduction Young W. Lim GDB Tutorial 2016-02-19 Fri 2 / 24 Based on Self-service Linux: Mastering the
More informationCSE 509: Computer Security
CSE 509: Computer Security Date: 2.16.2009 BUFFER OVERFLOWS: input data Server running a daemon Attacker Code The attacker sends data to the daemon process running at the server side and could thus trigger
More informationCSE 333 Midterm Exam Sample Solution 5/10/13
Question 1. (18 points) Consider these two C files: a.c void f(int p); int main() { f(17); return 0; b.c void f(char *p) { *p = 'x'; (a) Why is the program made from a.c and b.c incorrect? What would you
More informationBinary Representation. Decimal Representation. Hexadecimal Representation. Binary to Hexadecimal
Decimal Representation Binary Representation Can interpret decimal number 4705 as: 4 10 3 + 7 10 2 + 0 10 1 + 5 10 0 The base or radix is 10 Digits 0 9 Place values: 1000 100 10 1 10 3 10 2 10 1 10 0 Write
More informationDecimal Representation
Decimal Representation Can interpret decimal number 4705 as: 4 10 3 + 7 10 2 + 0 10 1 + 5 10 0 The base or radix is 10 Digits 0 9 Place values: 1000 100 10 1 10 3 10 2 10 1 10 0 Write number as 4705 10
More informationAssembly Language Programming - III
Assembly Language Programming - III GDB Debugger Please refer to the handout New GDB commands (power.s) info registers (prints all register values) print/d $eax (prints individual register value. Note
More informationGDB Tutorial. Young W. Lim Tue. Young W. Lim GDB Tutorial Tue 1 / 32
GDB Tutorial Young W. Lim 2017-02-14 Tue Young W. Lim GDB Tutorial 2017-02-14 Tue 1 / 32 Outline 1 Introduction Young W. Lim GDB Tutorial 2017-02-14 Tue 2 / 32 Based on "Self-service Linux: Mastering the
More informationQuestion 2. [5 points] Given the following symbolic constant definition
CS 101, Spring 2012 Mar 20th Exam 2 Name: Question 1. [5 points] Determine which of the following function calls are valid for a function with the prototype: void drawrect(int width, int height); Assume
More information20: Exploits and Containment
20: Exploits and Containment Mark Handley Andrea Bittau What is an exploit? Programs contain bugs. These bugs could have security implications (vulnerabilities) An exploit is a tool which exploits a vulnerability
More informationCS61, Fall 2012 Midterm Review Section
CS61, Fall 2012 Midterm Review Section (10/16/2012) Q1: Hexadecimal and Binary Notation - Solve the following equations and put your answers in hex, decimal and binary. Hexadecimal Decimal Binary 15 +
More informationLectures 5-6: Introduction to C
Lectures 5-6: Introduction to C Motivation: C is both a high and a low-level language Very useful for systems programming Faster than Java This intro assumes knowledge of Java Focus is on differences Most
More informationBuffer Overflows Defending against arbitrary code insertion and execution
www.harmonysecurity.com info@harmonysecurity.com Buffer Overflows Defending against arbitrary code insertion and execution By Stephen Fewer Contents 1 Introduction 2 1.1 Where does the problem lie? 2 1.1.1
More informationGDB 1 GDB 2 GDB. Fortran Pascal GDB 4. hoge.c. Fig. 1. calc.c. Fig GDB. GDB Debian. # apt-get install gdb
2003 advanced seminar Intelligent Systems Design Lab. 1 GDB 2003 3 31 : GDB GDB GDB 1 GDB GDB ( ) Free Software Foundation(FSF) GDB 5.3 C,C++ 1 Fortran Pascal GDB 4 GDB 2 GDB Fig. 1 hoge.c calc.c GDB Fig.
More informationBuffer Overflow Attack
Buffer Overflow Attack What every applicant for the hacker should know about the foundation of buffer overflow attacks By (Dalgona@wowhacker.org) Email: zinwon@gmail.com 2005 9 5 Abstract Buffer overflow.
More informationx86 assembly CS449 Fall 2017
x86 assembly CS449 Fall 2017 x86 is a CISC CISC (Complex Instruction Set Computer) e.g. x86 Hundreds of (complex) instructions Only a handful of registers RISC (Reduced Instruction Set Computer) e.g. MIPS
More informationMemory safety, continued
Memory safety, continued With material from Mike Hicks and Dave Levin http://images.myhardhatstickers.com/img/lg/h/everybody-safety-hard-hat-label-hh-0115.gif Today s agenda gdb tutorial Other memory exploits
More informationBuffer. This time. Security. overflows. Software. By investigating. We will begin. our 1st section: History. Memory layouts
This time We will begin our 1st section: Software Security By investigating Buffer overflows and other memory safety vulnerabilities History Memory layouts Buffer overflow fundamentals Software security
More informationLab 3. Pointers Programming Lab (Using C) XU Silei
Lab 3. Pointers Programming Lab (Using C) XU Silei slxu@cse.cuhk.edu.hk Outline What is Pointer Memory Address & Pointers How to use Pointers Pointers Assignments Call-by-Value & Call-by-Address Functions
More informationCSCE 548 Building Secure Software Integers & Integer-related Attacks & Format String Attacks. Professor Lisa Luo Spring 2018
CSCE 548 Building Secure Software Integers & Integer-related Attacks & Format String Attacks Professor Lisa Luo Spring 2018 Previous Class Buffer overflows can be devastating It occurs when the access
More informationCPSC 213. Introduction to Computer Systems. Procedures and the Stack. Unit 1e
CPSC 213 Introduction to Computer Systems Unit 1e Procedures and the Stack 1 Readings for Next 3 Lectures Textbook Procedures - 3.7 Out-of-Bounds Memory References and Buffer Overflow - 3.12 2 Local Variables
More information