Experiment with running the stack overflow attack using either the original shell code from Figure 10.8b or the modified code from Problem 1.5, against an example vulnerable program. You will need to use an older O/S release that does not include stack protection by default. You will also need to determine the buffer and stack frame locations, determine the resulting attack string, and write a simple program to encode this to implement the attack.

Problem 1.5

The example shell code shown in Figure 10.8b assumes that the execve system call will not return (which is the case as long as it is successful). However, to cover the possibility that it might fail, the code could be extended to include another system call after it, this time to exit(0). This would cause the program to exit normally, attracting less attention than allowing it to crash. Extend this shell code with the extra assembler instructions needed to marshal arguments and call this system function.