Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Format-String Vulnerabilities: An adversary is attacking a program with the code

ID: 3582073 • Letter: F

Question

Format-String Vulnerabilities:

An adversary is attacking a program with the code:

1. Rewrite the above line of code so that it is not subject to a format string vulnerability.

2. Say that the adversary enters as input AAAA %x %x %x %x %x %x %x and sees

AAAA 0 0 0 0 5 bfff00a4 41414141

displayed to the screen. Based on this, what can the adversary enter as input if he wants to read from

address 0x43434343 ? (Note: attempting to read from this address might cause an error, but that's ok.)

printf (s) where s is a string the adversary supplies

Explanation / Answer

printf(s) is vulnerable to attack.Because with the help of this attacker may able to find address of data in stack.So,to avoid this we can write above statement as:

printf("%s",s)

Where %s is format specifier for printing string.

Related Questions

Format 12 pt. Font (times new roman, arial, or cambri) Double spaced At least tw
Question #214495
Format Arrange View Share Window Help | HBSE 345 Choose Your Research Design.rev
Question #3354169
Format Font Tools Table Window $ Help Ra/ 84))51%( a ws 03 (1).docx 150% ts Tabl
Question #201462
Format Font Tools Table Window Help SQL Assignment updated.docx 116% nt Elements
Question #3698551
Format Font Tools Table Window Help roductive System Questions.docx Word File Ed
Question #3519035
Format Lat) Assignment. 2 (12 pts) urned in up to a week after the original due
Question #970161
Format Painter EXERXISES 1-23 Five-step decision-making process, manufacturing.
Question #425329
Format Painter Font Clipboard 128 fair mediumm red Total black dark 3 Eyes 34 35
Question #3319718

Navigate

Previous
Format with a title at top of page and each question addressed separately. Compl
Next
Formation A: Chalk with some beds of limestone. Trace fossils include shallow bu