Transcribed Image Text:

123456 A ROP (Return-Oriented Programming) attack can be used to execute arbitrary instructions by chaining together small pieces of code called "gadgets." Your goal is to create a stack layout for a ROP attack that calls a function located at '0x4018bd3'. Below is the assembly code for the function 'getbuf', which allocates 8 bytes of stack space for a 'char' array. This array is then passed to the 'gets' function. Additionally, you are provided with five useful gadgets and their addresses. Use these gadgets to construct the stack layout. Assembly for getbuf 1 getbuf: sub mov $8, %rsp %rsp, %rdi call gets add $8, %rsp ret #Allocate 8 bytes for buffer #Load buffer address into %rdi #Call gets with buffer #Restore the stack pointer #Return to caller Stack Layout each 8-byte (fill in section) Address Value (8 bytes) 0x7fffffffdfc0 0x7fffffffdfb8 0x7fffffffdfb0 0x7fffffffdfa8 0x7fffffffdfa0 0x7fffffffdf98 0x7fffffffdf90 0x7fffffffdf88 Gadgets Address Gadget Ox4006a7 pop %rdi; ret Ox4006a9 pop %rsi; ret Ox4006ab pop %rax; ret Ox4006ad mov %rax, %rbx; ret Ox4006b0 pop %rbp; ret Original Return Address is at 0x7fffffffdf898 Task: Fill in the stack layout on the left with the values (addresses or constants) necessary to create a ROP chain that will execute a call to the function at '0x4018bd3'. • Use the provided gadgets to control the values in registers as needed.