CS208 Introduction to Computer Systems
Friday, 27 October 2023

+ Questions/debrief
    - Zoos
    - gdb debugging generally
    - How callq and retq work, and the general flow of function-calling

+ A simple buffer overflow example
    - Read for fun: some description of the Morris Worm

+ The buffer overflow assignment
    - Goals
        - Deeper understanding of function-calling
        - Awareness that yikes, this is dangerous!
        - Awareness of a huge problem throughout computer history

    - Some details

        Do you know how these work in Unix?  |, >, and <

            objdump -d ctarget > ctarget.d
                <-- this gives you a "disassembled" look at the code

        Here are some example Unix commands we looked at during class
        to try to understand the role of the hex2raw command

            echo Hello | tr '[:lower:]' '[:upper:]'
                <-- this does something pretty obvious but illustrates how
                    the output of one command (echo) can be "piped" to the
                    input of another command (tr)

            echo 48656c6c6f
                <-- what if we want this to turn into "Hello"?
                    Sadly, it doesn't: echo just prints the hex digits
                    as text.

        But let's put this in a file called hello.bytes:

            48 65 6C 6C 6F

        and then do this:

            cat hello.bytes | ./hex2raw
                <-- try it! how does it work?
                    (note: hex2raw is in your targetN.tar file)

        So...how does this work?

        Put the bytes you want to provide as input for ctarget into
        a file named ctarget.phase1, in hex like we did above in hello.bytes.
        Then:

            cat ctarget.phase1 | ./hex2raw | ./ctarget

        This is how you're going to produce your nefarious input for
        the ctarget program.
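
What the hex2raw step in the pipeline does, as an added example in C (not the course's hex2raw and not code from these notes): it reads pairs of hex digits separated by whitespace and writes the single byte each pair names, which is why a file like hello.bytes comes out as text while echo of the same digits does not. The function name hex_to_raw and the buffer sizes are assumptions made for this example.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>

/* Value of one hex digit, or -1 if c is not a hex digit. */
static int hex_val(int c) {
    if (c >= '0' && c <= '9') return c - '0';
    c = tolower(c);
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/*
 * Convert text such as "48 65 6C 6C 6F" into raw bytes.
 * The two characters '4' and '8' (0x34, 0x38) become the one byte 0x48.
 * Returns the number of bytes written, or -1 if a pair is malformed
 * or out[] (capacity cap) is too small.
 * hex_to_raw is a name chosen for this example.
 */
long hex_to_raw(const char *text, unsigned char *out, size_t cap) {
    size_t n = 0;
    while (*text) {
        if (isspace((unsigned char)*text)) { text++; continue; }
        int hi = hex_val((unsigned char)text[0]);
        /* Only look at the second digit if the first one was valid. */
        int lo = hi < 0 ? -1 : hex_val((unsigned char)text[1]);
        if (hi < 0 || lo < 0 || n == cap) return -1;
        out[n++] = (unsigned char)(hi << 4 | lo);
        text += 2;
    }
    return (long)n;
}

/* Filter mode: hex text on stdin, raw bytes on stdout. */
int main(void) {
    char text[4096];            /* buffer sizes are arbitrary choices */
    unsigned char raw[2048];
    size_t len = fread(text, 1, sizeof text - 1, stdin);
    text[len] = '\0';
    long n = hex_to_raw(text, raw, sizeof raw);
    if (n < 0) { fprintf(stderr, "bad hex input\n"); return 1; }
    fwrite(raw, 1, (size_t)n, stdout);
    return 0;
}
```

Compiled as a stand-alone program it can take the place of hex2raw in the hello.bytes pipeline for comparison; bytes with no printable form (such as 00 or 0A) pass through unchanged, which is the reason for writing input in hex in the first place.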