Description

In this order, there are few software that the expert should use.

Fyi: I'm using a Window Computer. And need to use a Virtualbox software with Kali Linux install on it.

Software Requirements:

- The Virtualbox Software

- The Kali Linux, Penetration Testing Distribution

- GDB: The GNU Project Debugger

- GCC, the GNU Compiler Collection

- C source file including BOF.c, createBadfile.c, and testShellCode.c

Then, the expert can just follow the instruction in the PDF of what to do step by step. But, make sure you do a screenshot of each steps and saved it to a folder called "Screenshots". I need this at the end once you've finish.

Once you've done all of the steps above, i need:

A zip file containing:

1. Your updated createBadfile.c that generates the input for the BOF program

2. A copy of the badfile. This must generate a shell when BOF runs from the command line in the VM

3. A screenshot of using BOF program to gain a shell (see simple screenshot below, under "happy exploiting" in the pdf)

4. A text file with answers to the following questions: (if you can answer these three questions below, that you would be great)

a. What happens when you compile without “-z execstack”?

A = Can you answer this for me too.

b. What happens if you enable ASLR? Does the return address change?

A = Can you answer this for me too.

c. Does the address of the buffer[] in memory change when you run BOF using GDB, /home/ss4310-student/Desktop/BufferOverflows/BOF, and ./BOF?

A = Can you answer this for me too.

5. The "Screenshots" folder of each steps starting from topic "Starting the virtual machine" to "Happy Exploiting!" (see the pdf then you'll understand)