Some Entertaining Distractions
For the last day of term, some stuff that's more fun than the exercises. This will not be on the exam.
Buffer Over Run Attacks
First of all, look up or get Martin to talk about how the stack works in C. Then read, run and play with the following silly bits of code:
- stack-print : this allows you to print out the contents of the stack, useful for tuning some of the other code to write to exactly the right places.
- stack-modify-args : a fairly simple example of abusing the stack to get non obvious behaviour.
- stack-break-scoping : a slightly more advanced exploit along the same lines.
Now have a read of this article, it explains what a buffer overflow attack is, how to cause one and how to avoid them.
Do Not Write Code Like This
The International Obfuscated C Code Contest.
Consider Writing Code Like This
Syscalls
Get Martin to explain the basics of what syscalls are and then have a look at intro(2) (man -s 2 intro)