Tuesday, January 12, 2016

Updated the CS:APP Bomb Lab

We've released an update to the Bomb Lab on the CS:APP site. An authentication key associated with each bomb prevents spoofing(from Zaheer Chothia, ETH, Switzerland). And a configurable timeout in the request daemon prevents it from hanging while interacting with clients under heavy loads (from Len Hamy, Macquarie University, Australia).

Monday, January 11, 2016

New x86-64 Attack Lab is Available!

We are pleased to announce that the new Attack Lab is available on the CS:APP site.

The Attack Lab was first offered to CMU students in Fall 2015. It is the 64-bit successor to the 32-bit Buffer Lab and was designed for CS:APP3e. In this lab, students are given a pair of unique custom-generated x86-64 binary executables, called targets, that have buffer overflow bugs. One target is vulnerable to code injection attacks. The other is vulnerable to return-oriented programming attacks. Students are asked to modify the behavior of the targets by developing exploits based on either code injection or return-oriented programming.