User Account

All Pages

Common Vulnerabilities, Python Programming

Assignment Help:
1 Low Level Exploits
1.1 Savegames
Jimmy is becoming increasingly frustrated at the computer game hes playing.
He has a save right before the levels boss but he needs either more health
or more gold in order to win. The game is loaded from a normal file on disk
but the health and gold are encrypted in some complicated fashion. The
1
characters name is not, however.
1. Set the characters gold or health to a number greater than 9000 by
utilising a buffer overflow. How did you achieve this? Explain using
reference to bytes and ASCII as to what the exact value was that you
achieved. [4 marks]
2. How could this exploit be prevented? [2 marks]
3. Could this exploit be useful for more than just the game? Could it be
used to gain access to a system? If not, why not? If so, where might it
be used? [4 marks]
1.2 General Questions [11 marks]
1. Why is it necessary for us to provide the flag -fno-stack-protector to
GCC? What is a canary in terms of a buffer overflow and how can a
canary prevent a buffer overflow exploit? [4 marks]
2. If the game above was written in Java instead of C, would the savegame
still be exploitable? [2 marks]
3. Imagine you were exploiting a program that was running with escalated
privileges (i.e. could read sensitive files, modify other users settings and
so on) is it possible to obtain a BASH shell using buffer overflows? Be
sure to explain what shellcode is and how the shellcode is executed1
.
[5 marks]
2 SQL Exploits (10 marks)
1. Show how it is possible to log in as any user by performing an SQL
injection attack on the username/password login page. [2 marks]
2. The website has been clued in on their major security problem and prevented
the previous attack. Is it possible to use the status query to work
out the password of one of the administrators Bobby2
? [4 marks]
1The traditional introduction to this topic is Smashing The Stack For Fun And Profit:
https://www.phrack.com/issues.html?issue=49&id=14
2SQLite (the database in use here) doesnt allow multiple SQL statements to be executed
in a single execute query consider using substr and subqueries
2
3. How can these attacks be prevented? Is it a difficult security problem
to fix? Why is it so common? [4 marks]

Related Discussions:- Common Vulnerabilities

Print vs return, Print vs Return Here are two different method declara...

Print vs Return Here are two different method declarations: def f1(x): print x + 1 def f2(x): return x + 1 What happens when  we call them? >>> f1(3) 4 >>

Re-writing a C++ code in Python with the help of ctypes, I have a C++ code ...

I have a C++ code (10-15 line) which i need to re-write in python with the help of ctypes library. Is it possible i can get some help with it? Thanks & regards Tanmoy

Coding examples of python, Coding examples Following are some  attempts...

Coding examples Following are some  attempts at defining a function isSubset,  which  takes  two  arguments, a and  b, and  returns True if a is a subset  of b, assuming that

Tuples and strings, Tuples  and strings Python has two different more...

Tuples  and strings Python has two different more list-like data  types  that are very important to understand.A tuple  is a structure that  is like a list, but  is not  mutab

Packages and Libraries, For this assignment, you need to create a program t...

For this assignment, you need to create a program that allows the user to do basic trigonometry functions. First, ask the user if he or she would like to do sine, cosine, or tangen

Turtle graphics module in python programming language, Your assignment for ...

Your assignment for the semester will involve the development of a system for drawing trees using the Python programming language and the turtle graphics module (turtle.py). Comple

Conditionals- booleans, Booleans   Before we talk about  conditional...

Booleans   Before we talk about  conditionals, we require  to clarify the Boolean  data  type.  It has two values False and True. Typical statement that have Boolean values

Basic-learning to program in python , Depending on your  previous programmi...

Depending on your  previous programming background, we use different sides  through the available readings:   If you have never programmed before: you should start with a

Python program, Write a program that asks the user to enter a number of sec...

Write a program that asks the user to enter a number of seconds. The responses of the program will vary depending on the length of seconds: • If the number of seconds is under 60

Python implementation of a solver for the desert crossing, Assume you have ...

Assume you have a truck which has to travel across a desert from the base camp at position 0 (left) to the target camp at position 4 (right). The intermediate positions 1,2, and 3

Write Your Message!

Captcha
Order Assignment

Featured Services

Order Now

Popular Subjects

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +91-977-207-8620

Phone: +91-977-207-8620

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd