6 WEEK EXAM NAME: ALPHA: SECTION:

Transcription

1 6 WEEK EXAM NAME: ALPHA: SECTION: 1. This is individual work. 2. SHOW ALL WORK! 3. Write legibly to receive credit. 4. Turn in your equation sheet. SCORE: /100 SCALE >89.5%: %: %: G33K %: $ RiPt K1DD13 <59.5%: WannaB

2 Lesson 1 Computer System Review 1. (6 pts) The character q is stored at memory address a) (3 pts) By hand calculation, express this memory address in hexadecimal notation, using a number of hex digits appropriate for our x86 architecture. Work must be shown for full credit. b) (3 pts) What are the 8 bits is stored at this address? 2. (2 pts) You type up a document in MSWORD, give it a file name, save it to your My Documents folder, and power down your computer. Where is the file you created now stored? (Circle the correct answer) a) RAM MSB LSB b) The Hard Drive c) CPU memory registers d) Nowhere, the file is lost e) The compiler

3 Lesson 2: C Programming 3. (3 pts) For each of the following multiple choice questions select the answer that best identifies the type of computing code being described. (Circle the correct answer) (1 pts) Code resulting from a successful compilation of a C program's source code: a) high-level code b) assembly code c) machine code d) honor code (1 pts) Code used when we write programs in the C programming language: a) high-level code b) assembly code c) machine code d) honor code (1 pts) This code uses English-like mnemonics which correspond to machine instructions: a) high-level code b) assembly code c) machine code d) honor code

4 Lesson 3 Registers and Memory 4. (4 pts) Analyze the following C program. #include<stdio.h> int main() int i; for( i=0; i < 4; i=i+2 ) if( i >= 2 ) printf( Torpedoes\n ); else printf( Howitzer\n ); a) (2 pts) State how many times the loop will iterate. b) (2 pts) What will be printed to the screen when the program is executed?

5 5. (8 pts) Answer the following questions based on the below screen capture of assembly code in the debugger. a) (3 pts) Part of the source code that generates this assembly code is the line: int x = 5; Which assembly language instruction corresponds to this C code? b) (3 pts) What is the memory address (in hexadecimal) of the variable x? c) (2 pts) What is the address of the next line of code to be executed?

6 Lesson 4 - Arrays 6. (4 pts) What is the fundamental issue with C that makes a buffer overflow exploit possible? 7. (7 pts) Use the array declaration to answer the questions. float wins[5] = 2.4,7,4,6.1,9; a) (2 pts) How many bytes are allocated for this array? b) (2 pts) What value is stored in wins[1]? c) (3 pts) What value is stored in wins[5]?

7 Lesson 5 Strings and Pointers 8. (3 pts) Given the following declarations, what would be the C statement to assign ptr_age the address of the integer age? (Circle the correct answer) int int age; *ptr_age; a) &ptr_age = &age; b) *ptr_age = &age; c) &ptr_age = *age; d) ptr_age = age; e) ptr_age = &age; 9. (5 pts) Given the following C snippet, what would the output of the printf statement be? char name[40] = LCDR Atwood ; char *ptr1; char *ptr2; ptr1=name; ptr2=ptr1 + 6; strcpy(ptr2, good day by all! ); printf( My teacher is %s\n, name);

8 Lesson 6 Functions and the Stack 10. (3 pts) Select the most appropriate function definition to replace the commented line in the program. (Circle the correct answer) #include<stdio.h> //YOUR ANSWER HERE// float c_sq = a * a + b * b; return c_sq; int main() float answer; answer = hypot( 7.12, 6.37); printf( The square of the hypotenuse is: %f\n, answer); a) float hypot(float a, float b, float c) b) float hypot(int a, int b) c) void hypot(float a, float b) d) float hypot(float a, float b)

9 11. (11 pts) Sketch the contents of the stack frame for main under Data in hexadecimal. Locate and label the base pointer as ebp_main and the stack pointer as esp_main under Stack Frame Info. Locate and label the variables g, fox[0], fox[1] under What is Represented. (Note: Not every block in the table will be filled in.) #include<stdio.h> int main() char fox[2]; fox[0] = 'B'; fox[1] = 0; int g = 17; Address: Data: What is Represented: 0xBFFFF810 0xBFFFF811 0xBFFFF812 0xBFFFF813 0xBFFFF814 0xBFFFF815 0xBFFFF816 0xBFFFF817 0xBFFFF818 Stack Frame Info:

10 Lesson 7 Buffer Overflow Introduction 12. (10 pts) Given the following code snippet: char first_name[6] = Alice ; strcpy(first_name, Alexander ); a) (2 pts) Will the C compiler state that there is an error? b) (2 pts) What potentially dangerous situation occurs because of the snippet above? c) (3 pts) What is the minimum size necessary for the array first_name to prevent this error? d) (3 pts) There are at least two ways to change the above code to prevent the above error from happening. Can you describe one?

11 13. (8 pts) When the greetings function is called in main from the following code sample the stack pictured below is created. #include<stdio.h> void greetings() int name_len = 15; char name[name_len]; int year = 2014; Stack year name name_len prev_ebp ret_addr printf( Enter your name: ); scanf( %s, name); printf( Hello: %s! The current year is %d.\n, name, year); int main() greetings(); a) (4 pts) Assuming there is no padding (extra spaces) when the frame is created, how many characters must the user enter to overwrite only the first byte of the return address? b) (4 pts) Is it possible to change the value of year by performing a buffer overflow attack? Why or why not?

12 Lesson 8 The Heap 14. (4 pts) Is it possible for the heap and stack to collide? (Circle the correct answer) a) Yes, because the stack builds from the bottom (larger memory address) up (to a smaller memory address) and the heap from the top (smaller memory address) down (to a larger memory address). b) Yes, because the heap builds from the bottom (larger memory address) up (to a smaller memory address) and the stack from the top (smaller memory address) down (to a larger memory address). c) No, because the stack builds from the bottom (larger memory address) up (to a smaller memory address) and the heap from the top (smaller memory address) down (to a larger memory address). d) No, because the heap builds from the bottom (larger memory address) up (to a smaller memory address) and the stack from the top (smaller memory address) down (to a larger memory address).

13 Lesson 9 Privilege Management 15. (8 pts) After typing in the command, ls l gethappy.exe you see: a) (2 pts) Who is the owner of this file? b) (2 pts) What permissions do other users in the owner s group have? c) (4 pts) You (midshipman) are neither the owner nor part of the owner s group instructor. What command would the administrator enter to give you permission to read and execute the gethappy.exe file? 16. (5 pts) You (midshipman) now have permission to read and execute the gethappy.exe file. The function of the gethappy.exe file when executed is to write to the file happytimes. After multiple attempts, the executable file is not operating as expected. The owner changes the executable file. You see: a) (1 pts) What permission changed? Your answer must include the name of the permission. b) (4 pts) How does the change to the file s permissions affect the execution of the file?

14 Lesson 10 Buffer Overflow Attack 17. (3 pts) Order these three main components of a buffer overflow exploit as they will appear on the stack: (shellcode, malicious return address, nop sled) Top: Middle: Bottom: 18. (6 pts) Aside from careful programming and the modification of several specific C commands, list and briefly describe two technical solutions that have been proposed to prevent a program from being exploited by a buffer overflow. TURN IN YOUR HAND-WRITTEN EQUATION SHEET WITH YOUR EXAM