The purpose of this demonstration is to show how user input can overflow a variable and change the value of adjacent memory locations. Your challenge is to enter data that will overflow a buffer allowing you to log into the imaginary system without knowing the password.
General explanation of simulations
· The simulated program’s console screen is shown in the upper right corner.
· The grid on the right represents the 256 bytes of simulated memory in a 16 by 16 grid.
· The program instructions occupy smaller addresses and are color coded to match the source code.
· A ‘*’ in the program memory represents the current program counter location. An ‘X’ represents the return location of a function call.
· Return addresses appear on the stack as a ‘$’. Addresses on the stack are represented as a ‘&’.
· Local variables are allocated on the stack.
· An input box will appear at the top when the simulated program requests user input. You can only enter letters. At times it may be useful to input a character that overwrites an address on the stack. The ASCII code of the character will be used as the address in the 256 bytes of simulated memory.
· All library functions, such as gets() and puts(), are assumed to be compiled inline and therefore don't require a function call.
This stack overflow simulation was created by Dr. Kenneth A. Williams. It is a modification of a program created by Dr. Susan Gerhart under NSF Award No. 0113627