Notes on solving Project 1.

  1. Detailed instructions on how to solve the first exploit are available here.

  2. As mentioned in the README and homework files, the boxes environment should run on Linux with kernel 2.4. Most current Linux versions, however, use kernel 2.6 (you can check the kernel version by running the command "uname -a"). In spite of this, it is possible to run the boxes in the Linux lab, even though the version of Linux installed there is Gentoo with kernel 2.6.

  3. If you are unfamiliar with gdb, you can find many tutorials on using this tool. A Google search for "linux gdb tutorial" turns up several. The ones at http://www.dirac.org/linux/gdb/ and http://www.unknownroad.com/rtfm/gdbtut/gdbtoc.html seem good.

  4. For assignment #1, there is a compiler error in the file 'tmalloc.c' at line 63 with both GCC-4.0 and GCC-4.1. The problem is fixed with GCC-3.3. (Thanks to Nadav Rotem for pointing this out.)

  5. An update to AlephOne's article, which shows how to break modern stacks, is available here: http://www.milw0rm.com/papers/82 (Thanks to Nadav Rotem for pointing this out.)

  6. The raw file for use with the Qemu VM can now be downloaded from http://ginger.haifa.ac.il/elms/Linux.raw.zip. You can download the file from this location instead of from the Linux lab. Note that this is a huge file.

  7. Some students complained about problems with the login process on the machines in the Linux lab. If this is the first time you are using the lab, follow the instructions posted on the door of the lab.

  8. There will be an extension for submitting Exploit 1. It can be submitted by Wednesday, April 18, before class (you can submit it to me before the class begins). If the strike continues on Wednesday then there will be an extension until the strike ends. If there is no strike on Wednesday then you must submit the exploit on Wednesday.

  9. Note that gdb is not installed in the Qemu Linux image that we provide (the image was built with a minimal set of packages because of storage constraints; it only includes gcc and ftp). If you are running Qemu in a Linux environment you can use gdb. Otherwise, if you want to install gdb (or a different package) in your image, you can use the "aptitude" command to install packages (you can download whatever package you need from the Internet, but you have to be sure that there is enough space; the image can be re-sized, and the instructions can be found by typing "Qemu image re-size" in Google).

  10. On Wednesday, May 2, at 2pm, the teaching assistant will be in the Linux lab to answer questions about the exercise.

  11. Due to the students' strike there is a new timetable for submitting projects:
        The first exploit must be submitted by Sunday, May 6, 5pm.
        All other exploits (as is required by the exercise) must be submitted by Sunday, May 13, 5pm.
     There will be no extensions to these deadlines!

  12. Important note: You must write exploits for targets 1 and 7, and for two other targets (from targets 2 through 5). You can submit a fifth exploit to receive bonus points, but only if you have submitted the first four (and in particular, exploit 7).

  13. Projects must be submitted by email to security2007@csweb.haifa.ac.il. There is no need to send the environment: you should only send the exploits themselves. You must keep the original directory structure that you used.

Last updated: May 3, 2007, 12:20 AM.