Project 3--CPS 110

1. Overview

This project will help you understand call stack vulnerabilities
and debuggers like the GNU Debugger (GDB).

In this project, you will compromise a system running a vulnerable
process on the network.  You will be able to access a full copy of
the process C source code, which you can use to analyze the
behavior of the program.

Once you gain access to the system, you may modify the files 
hosted by the server as proof of your accomplishment.

Please submit by e-mail a formal solution to the project, 
including all files (including source) used in your exploit, a 
short explanation of your method of attack, and a review of the 
project as a whole.

2. Progress / tips

Please post to the Blackboard discussion board, at 
<http://courses.duke.edu/>, with any difficulties you are having. 
The instructor and TA can post tips that may point you and others 
in the right direction.

3. Resources

Read the document "Smashing the Stack for Fun and Profit", at 
<http://insecure.org/stf/smashstack.html>, for an introduction to 
call stack vulnerabilities.

Look at <http://shellcode.org/Shellcode/linux/> for some pre-
compiled shellcode samples for the Linux kernel.