Lectures 17 and 18

The last two lectures dealt with two types of input validation attacks: buffer overflows and SQL injection attacks.

The examples discussed in lecture 17 are posted on the syllabus along with the lecture slides.

As announced in class, HW3 is now out. On this homework you will use buffer overflow attacks to break 3 password authentication programs. I hope you find the homework fun!

Advertisements

4 Responses to “Lectures 17 and 18”

  1. Bria Says:

    I don’t see the examples on the syllabus….could you re-post them, please? Thanks.

  2. Brady Law Says:

    20 bonus points for part 2! Although I’m not sure if that will keep them out of jail…

    http://www.nytimes.com/external/idg/2009/11/10/10idg-eight-indicted-for-9-million-hack-58439.html

  3. Fernando de Castro Says:

    For some reason I can’t copy the source files for the homework to my directory.

    Is there any way I can copy them?

    Thank you! =)

  4. jonkatz Says:

    They are set up to allow execute access only, and not read access. Once you can read them, you could run gdb on them and I didn’t want that.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: