About Ubuntu 14.04
This project has been tested in Ubuntu 14.04, which is not the latest version. It may work on later versions, but you are requested to use Ubuntu 14.04 for uniformity and ease of support. Also, use 32 bit OS, the 64 bit one has different stack structure.

About Downloading

The file is large. Downloading large files from remote locations by a large number of people is NOT recommended. It uses up bandwidth on servers. It is not a nice thing to do. Servers sometimes deny downloads if bandwidth gets exceeded. Hence please follow these suggestions:

1.      Copy the file from someone who has downloaded it. Possibly communicate via discussion board and have one person download and several groups share the copy via USB drives, or exchanging it in class.

2.      Get it from one of the graders during office hours.

Share. Do not download.

About input for attacks

The demo done in class used Ubuntu 8.04, and it has a different stack structure than later versions (attacks are easier). The input sequence used was:

a[0] – 1
a[1] – 2

a[2] – 3
a[3] – 4
a[4] – 5
a[5] – address of shell_call

a[6] – 7
a[7] – address of a[8]
a[8] – the payload (“cal” in the demo)

The suggested input for the project is:
(This is the information you have to find by experimenting, so not everything is correct or specified.)
a[0] – address of a[1]
a[1] – the payload

a[2] – payload contd. If needed
a[3] – 4
a[4] – 5
a[5] – something

a[6] – something
a[x] – address of shell_call // “x” is a number you have to find. It may be 13 or 14.
a[x+1] – something
a[x+2] – address of a[0] // this may not be the correct location