IFN657 Format String Vulnerability Assignment Sample

• Subject Code : IFN657
• University : Queensland University of Technology My Assignment Services is not sponsored or endorsed by this college or university.
• Subject Name : IT Computer Science

Principles of Software Security - Task 1

Answer:

If the length of supplied input to the buffer is greater in length than the maximum length of input that a buffer can hold then the buffer overflow takes place and it overwrites the memory of integer ‘Pass’. That’s why regardless of the wrong password supplied, the ‘Pass’ value becomes non zero. And the attacker is granted with root privileges.

Principles of Software Security - Task 2

Answer:

If we choose password that matches with the T, then it means that we get the message that “you are logged in”. It should be whatever we will set that matches with the condition.

Principles of Software Security - Task 3

Answer:

When we modify the return address, we will set the password according so we will get the program output that you are logged in. If we choose password that matches with the T, then it means that we get the message that “you are logged in”. It should be whatever we will set that matches with the condition.

Principles of Software Security - Task 4

Answer:

In order to avoid buffer overflow the use of standard library functions should be avoided which are not bounds checked just like strcpy and scanf. Furthermore good and secure development behavior should be adopted to find the duffer overflow in the system on regular bases and regular testing of the system. One of the most reliable ways to test and save the system from buffer overflow is the use of automatic protection at development level or language level. The second major testing type is to test the system at run time to find and remove the bugs to avoid buffer overflow. This run time testing saves the buffer from overrun by checking automatically that if the data being used to write in the buffer lies within its limits or boundaries of the buffer or not.

Principles of Software Security - Task 5

Answer:

When we modify the return address, we will set the password according so we will get the program output that you are logged in. If we choose password that matches with the T, then it means that we get the message that “you are logged in”. it should be whatever we will set that matches with the condition.

, the only thing that will be changed is that we will turn the address space layout randomization on. This can be done by using the method given below

 $ sudo /sbin/sysctl -w kernel.randomize_va_space=2

As the ASLR is enabled in this program so it will work at a success rate of 100% on every invocation of randomized program.

Principles of Software Security - Task 6

Answer:

A class of bugs that can take the advantage of an easily avoidable programming error is known as Format String Vulnerability. So if an attacker control buffer is passed in an argument to the printf function or any other function related to it such as sprint, an fprintf etc. by the programmer then the attacker might be able to write the arbitrary addresses of memory.

Principles of Software Security - Task 7

Answer:

Up till now we have found a way to pass the arbitrary value which is 0804c014 in this case and will pass it in the argument to printf function. So at this step while passing the argument, we can use another method and can use a format string feature. A specific argument can also be selected while using this feature. For example if we pass the argument (“%2$”,1,2,3) to the printf function then it will print number 2. In order to select an arbitrary argument in printf, we can use printf (“%$X”). The case that we are discussing has the argument 0804c014 which is 10^th argument to printf function. Thus our string can be simplified as:

$ ./a.out ‘804c014’

0804c014

Principles of Software Security - Task 8

Answer:

A form of attack which is used to deny or stop the legitimate access to a network, software, website or email to its user is known as DOS. The word DOS stands for Denial of service which means that once a system is under attack then it will not allow its users to access the information on that system of site. DOS attack is implemented by sending too many requests to the resource of target such as the attackers send too many requests to the web server at the same time to overflow the request and ultimately the server stop responding to its users. These too many requests can either cause the server to crash or slow down it as it is unable to handle too many requests at a single time.

Principles of Software Security - Task 9

Answer:

If we choose password that matches with the T, then it means that we get the message that “you are logged in”. It should be whatever we will set that matches with the condition so we will be logged in to the system.

Principles of Software Security - Task 10

Answer:

In C language the careless use of core format string functions can cause a number of attacks to the system. These attacks can also include the arbitrary code execution. So in the case of application security, in order to avoid the vulnerabilities in the system we have to validate the user input properly or while writing the code, programmer has to avoid passing user controlled inputs in the functions wherever it is possible to avoid. The use of printf () function should be done wisely by considering the format parameters even in the case of a string literal.

Remember, at the center of any academic work, lies clarity and evidence. Should you need further assistance, do look up to our Computer Science Assignment Help