Lab Assignment #3

Return Oriented Programming

Software Security (CS52700) Fall-16, Purdue University

Byoungyoung Lee

• Due date: 11:59pm, Nov 4, 2016

In this lab assignment, you will exploit a stack overflow in the target binary (i.e., lab-3/target in our in our git repository https://github.com/lifeasageek/cs52700-public). Although the vulnerability itself is similar to the one in lab-1, lab-3 will need you write an exploit with return oriented programming (ROP) techniques. If you can exploit without ROP, it is also always welcomed!

Instruction & Exploitation Goal

The same as the first lab assignment.

Submission

Make your own tarball, named lab3.tar.gz, and submit it through the submission site. Your tarball must include following files.

• flag: a flag that you obtained from exploitation
• README: shorly describes how to run the exploit (less than five sentences!)
• exploit.*: your own exploit source code