A copy of the badfile. This must generate a shell when BOF runs from the command line in the VM

computer science

Description

In this order, there are few software that the expert should use.

Fyi: I'm using a Window Computer. And need to use a Virtualbox software with Kali Linux install on it.

Software Requirements:

- The Virtualbox Software

- The Kali Linux, Penetration Testing Distribution

- GDB: The GNU Project Debugger

- GCC, the GNU Compiler Collection

- C source file including BOF.c, createBadfile.c, and testShellCode.c

Then, the expert can just follow the instruction in the PDF of what to do step by step. But, make sure you do a screenshot of each steps and saved it to a folder called "Screenshots". I need this at the end once you've finish.

Once you've done all of the steps above, i need:

A zip file containing:

1. Your updated createBadfile.c that generates the input for the BOF program

2. A copy of the badfile. This must generate a shell when BOF runs from the command line in the VM

3. A screenshot of using BOF program to gain a shell (see simple screenshot below, under "happy exploiting" in the pdf)

4. A text file with answers to the following questions: (if you can answer these three questions below, that you would be great)

a. What happens when you compile without “-z execstack”?

A = Can you answer this for me too.

b. What happens if you enable ASLR? Does the return address change?

A = Can you answer this for me too.

c. Does the address of the buffer[] in memory change when you run BOF using GDB, /home/ss4310-student/Desktop/BufferOverflows/BOF, and ./BOF?

A = Can you answer this for me too.

5. The "Screenshots" folder of each steps starting from topic "Starting the virtual machine" to "Happy Exploiting!" (see the pdf then you'll understand)


Related Questions in computer science category