8/18/2019 ECE 102 Notes

1/15

ECE 102 – Compilation and

Exploitssubtitle: week 7

Peter JamiesonMiami Universit

8/18/2019 ECE 102 Notes

2/15

8/18/2019 ECE 102 Notes

3/15

 !oda

•  !"e ma#"ine and C

• Computer en$ineers

 – %"o &t"e experts' are "a#kers• (irus)

• *mas" t"e sta#k)

8/18/2019 ECE 102 Notes

4/15

Compilin$

• %"at "appens+

8/18/2019 ECE 102 Notes

5/15

,## options and -b.e#t dumps

• $## –* / $enerate assembl le

• $## –savetemps / keep temp les – i / pre3pro#ess

 – s / assembl – o / ob.e#t le

• 4ote E56 at start / Exe#utable and Linkable Format

• ob.dump d pro$ramo

 – s"ows t"e assembl instru#tions beside t"ema#"ine #ode

• ob.dump d pro$ramexe – 5inker adds some steps)

8/18/2019 ECE 102 Notes

6/15

-t"er tools

• readel " pro$ramexe

• readel * pro$ramexe

• Compare w"at we learned wit" $db)

8/18/2019 ECE 102 Notes

7/15

%"at is+

• 8 virus

• 8 tro.an "orse

• 8 worm

8/18/2019 ECE 102 Notes

8/15

%"at is+

• 8 virus / pro$ram t"at atta#"es to exe andrepli#ates in ot"er exes unknowin$l9 butpro$ram wit" virus must run

• 8 tro.an "orse / looks like le$it sotware butou #li#k to run

• 8 worm / like a virus9 but some data transersit and t"en it repli#ates

8/18/2019 ECE 102 Notes

9/15

ow do we stop+

•  !"ou$"ts+

8/18/2019 ECE 102 Notes

10/15

 !"e PC – smas"in$ t"e sta#k

• ow bi$ #an t"e password be9 and "ow do weimplement t"is in #ode+

Details:

•   https://www.youtube.com/watch?v=1S0aBV-Waeo

8/18/2019 ECE 102 Notes

11/15

*mas"in$ t"e sta#k

• ;u

8/18/2019 ECE 102 Notes

12/15

*mas" sta#k

• 8lmost all #omputer exploits look or memor#opies t"at #an be over=owed to "it t"e returnaddress and t"en run our #ode

• ow #an > write #ode wit"out #ompilin$ in t"isexploit+ – !"ink lo$in)

8/18/2019 ECE 102 Notes

13/15

ow do we prote#t a$ainst sta#ksmas"in$+

• %e know about smas" t"e sta#k9 "ow do weprote#t+

8/18/2019 ECE 102 Notes

14/15

Make sure w"en memor is #opiedwe spe#i "ow man btes

• str#p(E?*U*

• strn#p / n spe#ies "ow man btes@@@

8/18/2019 ECE 102 Notes

15/15

C"allen$e

• ,iven P?-,?8M32A – 8dd a print statement

 – 8nswer t"e ollowin$• ow mu#" bi$$er in btes is t"e pro$ram+

• ow bi$ is t"e print un#tionalit+

• %"ere is print lo#ated in memor or t"is pro$ram+

• %"at #ode is run beore main+