Common Vulnerabilities, 1 Low Level Exploits 1.1 Savegames Jimmy is becoming, Python Programming

Common Vulnerabilities, Python Programming

Assignment Help:

1 Low Level Exploits
1.1 Savegames
Jimmy is becoming increasingly frustrated at the computer game hes playing.
He has a save right before the levels boss but he needs either more health
or more gold in order to win. The game is loaded from a normal file on disk
but the health and gold are encrypted in some complicated fashion. The
1
characters name is not, however.
1. Set the characters gold or health to a number greater than 9000 by
utilising a buffer overflow. How did you achieve this? Explain using
reference to bytes and ASCII as to what the exact value was that you
achieved. [4 marks]
2. How could this exploit be prevented? [2 marks]
3. Could this exploit be useful for more than just the game? Could it be
used to gain access to a system? If not, why not? If so, where might it
be used? [4 marks]
1.2 General Questions [11 marks]
1. Why is it necessary for us to provide the flag -fno-stack-protector to
GCC? What is a canary in terms of a buffer overflow and how can a
canary prevent a buffer overflow exploit? [4 marks]
2. If the game above was written in Java instead of C, would the savegame
still be exploitable? [2 marks]
3. Imagine you were exploiting a program that was running with escalated
privileges (i.e. could read sensitive files, modify other users settings and
so on) is it possible to obtain a BASH shell using buffer overflows? Be
sure to explain what shellcode is and how the shellcode is executed1
.
[5 marks]
2 SQL Exploits (10 marks)
1. Show how it is possible to log in as any user by performing an SQL
injection attack on the username/password login page. [2 marks]
2. The website has been clued in on their major security problem and prevented
the previous attack. Is it possible to use the status query to work
out the password of one of the administrators Bobby2
? [4 marks]
1The traditional introduction to this topic is Smashing The Stack For Fun And Profit:
https://www.phrack.com/issues.html?issue=49&id=14
2SQLite (the database in use here) doesnt allow multiple SQL statements to be executed
in a single execute query consider using substr and subqueries
2
3. How can these attacks be prevented? Is it a difficult security problem
to fix? Why is it so common? [4 marks]

Write Your Message!

Name

Email id

Message

Verfication Code

User Account

All Pages

Common Vulnerabilities, Python Programming

Related Discussions:- Common Vulnerabilities

Robotics, how to started robotics proggraming in begning

Lcr circuit, program on damped lcr cicuit

Algorithms, how to calculate area of a square in square metres

Packages and Libraries, For this assignment, you need to create a program t...

Bit Stuffing, How to write program on bit stuffing using python?

Character stuffing.., write code for python characters stuffing program sou...

#1 - Pseudo Code, Ask question #Minimum 100 worIn this project, create the ...

Wwrite a function, I

Basic-learning to program in python , Depending on your previous programmi...

If statements, how do you make an if and else statment work in pytho?

Write Your Message!

Featured Services

Online Tutoring

Project Development

Exam Preparation

Course Help

Assignment Help

Popular Subjects

Assured A++ Grade

Academics

Major Subjects

Majors

Get In Touch

TERMS & POLICIES

HELP & SUPPORT