Lab Assignment #2

Exploiting Heap Overflow

Software Security (CS52700) Fall-16, Purdue University

Byoungyoung Lee

• Due date: 11:59pm, Oct 14, 2016

In this lab assignment, you will exploit a heap overflow in the target binary (i.e., lab-2/target in our in our git repository https://github.com/lifeasageek/cs52700-public). Note, the memory allocate used in the binary is dlmalloc (the source code). Before you get started, you may want to check following articles first.

• A Memory Allocator (dlmalloc)
• Understanding the Heap & Exploiting Heap Overflows

Instruction & Exploitation Goal

The same as the first lab assignment.

Submission

Make your own tarball, named lab2.tar.gz, and submit it through the submission site. Your tarball must include following files.

• flag: a flag that you obtained from exploitation
• README: shorly describes how to run the exploit (less than five sentences!)
• exploit.*: your own exploit source code