Overview
This lab introduces the buffer overflow where a program, when writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory locations. This vulnerability can be utilized by a malicious user to alter the flow control of the program. In this lab, students will learn basic concepts of Set-UID program, stack frame layout, buffer overflow attack, and countermeasures. Students will also be instructed to utilize buffer overflow vulnerability to inject malicious code and obtain a root shell of the compromised virtual machine in a cloud. Moreover, students will experiment with several protection schemes that have been implemented in Linux and evaluate their effectiveness.
Conceptual Visualization
The following animation visualizes the concept of buffer overflow attack.
Lab Instruction Materials
- Lab instruction
- Configuration file for creating lab environment
- Lab solution is not provided here. Interested instructors can email PI Mengjun Xie for the lab solution.