-
Notifications
You must be signed in to change notification settings - Fork 73
Spring20Cs361SMidtermSample
This is a SAMPLE exam. You may freely discuss it with other students. If this were a real exam, it would be open-book, open-notes, but any communication with other students would be prohibited.
For each question, write 1-3 sentences to answer the question. If you think it needs more than 3 sentences, you have not understood the question.
Question 1: Ken Thompson wrote his paper, "Reflections on Trusting Trust" before the concept of computer viruses had been introduced, so he did not use the term. In what way is his attack similar to a virus?
Question 2: format string question forthcoming
Question 3: What will the be the value of EAX and ECX at the end of the following rop chain? Assume that the stack is shown from low to high so that the gadget at Addr 1 is executed first before the ESP advances to the right:
[ Addr 1 ][ a ][ Addr 2 ][ b ][ c ][ Addr 3]
Addr 1: pop ecx; ret
Addr 2: add esp, 4; pop eax; ret
Addr 3: xchg eax, ecx; ret
Select one of the following questions. Write an essay of at least five paragraphs, and at least 350 words, answering the prompt. You will be graded on your ability to identify relevant technical information in the referenced sources to answer the prompt.
Question 1: How could you adapt the Ken Thompson attack (e.g., Lab 1) to work against the SeL4 kernel, despite its verification routines?