From 4dd7c1a0f418411af9e86418e181b700ce8c3daa Mon Sep 17 00:00:00 2001
From: Dan Goldsmith <aa9863@coventry.ac.uk>
Date: Mon, 6 Mar 2023 11:28:57 +0000
Subject: [PATCH 1/2] Forking Version added

---
 Week8_Canaries/Forks/forking.c | 35 +++++++++++++++++++++++++++++++
 Week8_Canaries/Forks/makefile  |  7 +++++++
 Week8_Canaries/Static/makefile |  7 +++++++
 Week8_Canaries/Static/static.c | 38 ++++++++++++++++++++++++++++++++++
 4 files changed, 87 insertions(+)
 create mode 100644 Week8_Canaries/Forks/forking.c
 create mode 100644 Week8_Canaries/Forks/makefile
 create mode 100644 Week8_Canaries/Static/makefile
 create mode 100644 Week8_Canaries/Static/static.c

diff --git a/Week8_Canaries/Forks/forking.c b/Week8_Canaries/Forks/forking.c
new file mode 100644
index 0000000..e8e4a72
--- /dev/null
+++ b/Week8_Canaries/Forks/forking.c
@@ -0,0 +1,35 @@
+#include <stdio.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <signal.h>
+#include <sys/wait.h>
+#include <string.h>
+
+int processData(void){
+  printf("Please Enter Data >");
+  char data[128];
+  gets(data);
+  printf(data);
+  return 1;
+}
+
+int main(int argc, char *argv){  
+  printf("Smash the Forking Stack\n");
+
+  while(1){
+    int pid = fork();
+    if(pid == 0){
+      //Child Deals with data
+      processData();
+      printf("Child Returns\n");
+      return 0;
+    }
+    else{
+      //Parent gets on with Life
+      printf("Parent Waits on Child\n");
+      wait(NULL);
+
+    }
+  }
+}
+      
diff --git a/Week8_Canaries/Forks/makefile b/Week8_Canaries/Forks/makefile
new file mode 100644
index 0000000..1334c53
--- /dev/null
+++ b/Week8_Canaries/Forks/makefile
@@ -0,0 +1,7 @@
+CC = gcc
+FLAGS = -no-pie -g
+
+forking: forking.c
+	$(CC) $(FLAGS) forking.c -o forking
+
+all: forking
diff --git a/Week8_Canaries/Static/makefile b/Week8_Canaries/Static/makefile
new file mode 100644
index 0000000..bfd7335
--- /dev/null
+++ b/Week8_Canaries/Static/makefile
@@ -0,0 +1,7 @@
+CC = gcc
+FLAGS = -fno-stack-protector -no-pie -g --static
+
+static: static.c
+	$(CC) $(FLAGS) static.c -o static
+
+all: static
diff --git a/Week8_Canaries/Static/static.c b/Week8_Canaries/Static/static.c
new file mode 100644
index 0000000..e83009c
--- /dev/null
+++ b/Week8_Canaries/Static/static.c
@@ -0,0 +1,38 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+
+// We Use a Sruct as it means we can be sure that the memory layout stays the same
+
+struct staticMemory {
+  char buffer[20];
+  int canary;
+};
+
+
+int win(){
+  system("/bin/sh");
+}
+
+int main(int argc, char *argv){
+
+  //Initilise our memory
+  struct staticMemory myMemory;
+
+  //And the Canary
+  myMemory.canary = 0xDEADBEEF;
+  
+  printf("Enter your String\n");
+  gets(myMemory.buffer);
+
+
+  //And Do our check
+  if (myMemory.canary != 0xDEADBEEF){
+    printf("Stack Smashing Detected!!!\n");
+    exit(-1);
+  }
+  
+  return 1;
+
+}

From 2ad88bb57b689d1ee932d1c065fbccd387bb371a Mon Sep 17 00:00:00 2001
From: Dan Goldsmith <aa9863@coventry.ac.uk>
Date: Mon, 6 Mar 2023 12:34:34 +0000
Subject: [PATCH 2/2] Fstrings Version Addd

---
 Week8_Canaries/Fstrings/forking   | Bin 0 -> 17456 bytes
 Week8_Canaries/Fstrings/forking.c |  35 ++++++++++++++++++++++++++++++
 Week8_Canaries/Fstrings/makefile  |   7 ++++++
 3 files changed, 42 insertions(+)
 create mode 100755 Week8_Canaries/Fstrings/forking
 create mode 100644 Week8_Canaries/Fstrings/forking.c
 create mode 100644 Week8_Canaries/Fstrings/makefile

diff --git a/Week8_Canaries/Fstrings/forking b/Week8_Canaries/Fstrings/forking
new file mode 100755
index 0000000000000000000000000000000000000000..d19bcc86fd2477755f644a50a28cbcae82ac6205
GIT binary patch
literal 17456
zcmeHOYiu0V6~43UwKv(sUfX#&p?Crb(1&+z$4Lz#$tHeeO&u_adG;|`?~Zr3v3K3w
z*^nR}fwU<mP3x3C5Q-|OR8@-Ff@ptGii&C4Kq`cS$`8~^#iEUH8cKr-ZAw$N-??+o
zW<1zXwLi*_xzfzJ=ey@S_s+R@-uK?!)8FgUG{MOyHVV=v!Z8Widm&oaOI2Z=VxfqM
zRpL@n4WtTNOqP(eb1Yx>*##_v%FYi-yk(S;GB!hABsC#eatlck??Q^HtSzUgK}ak`
z*w%>`psdn`IzE=yt9G(vyGngJk&*P66f8Sb!&o|b)RgHK+kAS1&0~49s&A)~%p;X}
z=M?Xp;;}rb>SM|Aq?pjwsp8q`k3l2dmiC_d$4+kE9>v?E>{)gzdzMrOr5&fN)PGao
zfZ`46(v29@V=}|C!-fS*uJ3yARM#qt_ZQsF+f{vY^}{k1f0in|B07>CTGtUBNwth*
zbEQ2kdpg&(tm}vr^O1I0F}14|8;z;0*WMs}`@|$+%-4iAL-#2iCNh!jB5V|P;vaq0
z_xPnRz4OAvD{Bk=)A8lMJ^I>{WJAY6KFNj>VYG3gGTs>bPvm7VYM90F^T703aH?ZA
zd+L+f@Xk5#1Hg4`?z9xZY<|88Tz4BoUx{rtd%9lChKsS1RTPF%v=Yf(Ml!R@7*1qI
zMA`&8oG<JWw<WR`%F*pfGAdZcXd;^vV})$a8Wsdo=dTl6`}?+Z8SRmdO0GS!wvu1d
zA&kDkZAQv0nCWcMG7E#-x<>Ljb1*S9V#0rVG@n!c4cl~9LmUN03`R#4Hj=c_SRuIy
zlE?R=Y<3}yh(3jtmS^YDsM?|QpB(-cy2vLC=#-w@6qAzrjrx?+Ne8Y@30d^A11Aor
zDF@Ei5?L0DNl}Bnx}-=w=)j%hH|)UW^;ufuzTm*g7bo3;<3KCv3I{&Ff_fP*0$v2X
z2zU|jBH%^9i+~pacLe@gckw&%{jUe(2LmUfLd3r`Y5B@0<NJRZJSI)cYkv*6y!v_U
z>zZT8k)ENl(^F-n)xRK}9wkqol=_pT`$(UZ`s1Y2qu}Ysq<)lidIUWEu++axIz9TG
zo`6p6Y5Q~E_=}&5kG~q<|HrcfgFS7NZ71T-KKuK6RKK_p=5Gy0>YBd@iV$Rf?1DP+
zL<|pt@eQ=M8gWpsN9=>Dd77Z|)Un|U#&kSCm-hF(A;tLF_%m;8ia&GCAJ>k@UwqeU
zf`=!ShlR?+a9wk^5Xb78_i_FEHoOfRQEI#)K7MNYb{xg=z#o8UpFK9=u8-P#=6*6n
z)LT>WgH@}q05?9~bFOVNekd?jOUkoPknib7-z}Hphk8y{fFHSmLjazj;KvW%a4r@9
z_#)}e3QVU^aN?M%M<2iQ_4s&c3jSBw{---oK7BWK<2~p1-+5k?R!pbSa9Au?77gT@
znsH_Y&<2H`|5v&EG@;Y&C_nSm2@I3U7^;jKGVqcY0WShx1iT1%5%415MZk-I7XdE<
zUIe@de3&Aj;os1}h?yvwdQT3&tMu-KmC!ee9ixe2Mz=Di-iyCu*<4!RL4VFfS0+1>
z(zlydsgNs*fkeT~S^7=*cUIK%IbD_tZH0e5{~LY&FXgg@1HSrfx!eyq0=X0Nk~hoc
zBart)J_SktLMdstZx`C0u(o1BO>hD)w)CHi{^?D_&t+uLT@xmZ{8zyj|1(-eMc4*l
zHwGzc!@af3uBi*%7ThN`Enok!HLETmn0$?3y9-?T6=QR4_<*l#VYM%b8twA0p!_(>
zQ;?!kZpd<iyyQi|i+~paF9Kc!ya;#^@FL(vz>9zvfe&*8#_;o$QcOvn`$uyLDJ`%C
zUbtd1he?GpbvMMMY_e6s^OsjB9j{C>Em!jFhM3IJdln@wfBW5Xp7cq7jD$TG8*;iT
zMyj0iOma$<^BlfM2}BCnLM&5qv63u!uHm$rm*`Uk6H4;?CC??K`KFWxs$)_zel}q1
z-0q#SR0y7H$o1prr#zm=ls*2PN}c11*GH*8sLGX_|C`|X<L(BmQ~lkm<c&%WE4f?A
z14_F2Tf4fh(yzem<d5oY?UD9Ko8I2qzNWRUtxbFawstqz!Q8Ee-t%rBO8**S7Z92>
zuBQ2{AK9QvW@Bo>nr0MhRW<bLuW7+`Bz!erms)kF)B-eoYN`U5!wbg&`dASBDRxy4
zHQfy1yA3-{tEQ7+p3Dd3_XPN+@jRcPN3ew=*fk5^T@VZKBV71)goh#M!$lSCgpb@U
zJc?alzF(Hreh-Qk@>9VSHovHAB$3h<5OfY(75VmyFnzbs!U2M5jsqq6=>bwZawA3M
z5VEyY?mPUMz%!7`3sM=VKd%T|pi^oX%cg|3Xr666B1GdoKymB@a2zvaiKHD_)J9@{
z@Gyk$aBQ)o(R4;>t3)WYG33WF`|3n!Wv~y&;9rK4s(_$8Lh7%*YNfV*W%$ZaU!xC2
z)%Duy+QyK-c|~)*)=(41nT9TsZqT*CB}53V50N>dewlPLU(@;;HRz$0(4#on7eus8
zO>B92Q(xoNO;o-xA`~3BGGxPujMJ7a>ndQyk{pC9Fj_zksEx5@cS!H`A&pc-u|xQS
z+)6sA#<^(tas}JU5s~d;r!6%H;ra%)04|2tP*64PpS24~plfLoHZsjs$cnAlZpLO}
z^J&e#x@vg_$ekRXGyr`Eu=9VFa)Bjco{u}V>E3|<RB&UkF)$ySc1xf+cq@=V-D`oG
z{h3<=wWk6#drk#H{?c~>n!hgM!vu2;Q`6JB+|el_=fLxf_ex1ASInk!W=bcM6h04%
z3X;qu3PR44#}z>DYWt-7BA~a7TBV%1A#LW&LN*CCQAlPs*sCe@mNe$q=aXi!NM9XA
zqL5CCVkTd(^hym>=Y>i7b|GPgfq`yV#Mv#Pnf$03O(k;a=+>;2DGfyj%|tSTua?nu
ztsR|4e`2T@y~#9pbsAlXT%wRQi_zYqg{l2%d-gvvk)(*0iiK!4mmDdj%xH0MaRx9$
zi4Ng|rwmslBZ^ikn}@Xaj+sTsQVtXUQ^>quqOPwJZ<c4XnGL7=pC%Ry_jTO9uhm!9
z(XhYErTtRD_d~{MEH$v=khdbQJ9N&Tl=w2y8jCR`<!<a}^Ydki*S_ac^8oNL?%p)d
z%9$R5(tv9VKWA{+!-TWqkUyIPe*rl8cenF*z;$fy^d|uII9oei?fE<5^wn99Ns2r#
zk*h|B&DNf!z{8?R#9e+aB70x0m<-!~<b4HxUc%NOYAfsO<Tq_#w0?~IxZ@L(_13=U
z#?S+t+V8f%9=HyF?zBt#aic=qLAVc3f2y5qaqk@Va<Pnkx)|NJT)TN&Ul-0roc%^m
z-00oDd0USW@7^wqt^L<++1zhj*W0_JXV4hjyrsVf>s{Q-Yht{b<^$Hv(BhqnEv>h4
zUN#I<UX+aCY%Yr`X0Gt5usYOIo(e#241=ildK@S-7v~tMV&2Fkaw%H4({~-LQrVnQ
zDw-*IMVjfz%%y~p8ZipyNIsdcO!8@ElekLJs-K}^QB@)@mWF{<K}OHD-NyT^0ivt%
z%t~;8mh6BTu!t1*j#`N!NULDW4CipEGz()QlFM6WB%Lco5V$e3VC{84LnZvuX~AQI
zZMAtzUyGGU3u&IgUmy`l?aiSITUrIXWVcx;X7jljih(i&AVCC`8ym4iM7BF(nR}3z
zy%Z_rWuHaNj4@nDjG9I!1ukng!$=eg2{e=#oQLDYXf}yj^YDdTL{?xsLzG1%nI9d+
zKPfcU94e*3!(G7yZmZecaGvvtp`n7gn>8%+GdYjwah70oU4hSw|5eg^6HYDlU`*>@
zW6~wBgXQ-o31UaK&U7ghJfKwgor=%vK4VT}<mJ<}1EZ&8C!g1O^7_wJ4qM9d^^akC
zE_d>esQQnn7ciX-m2~rO0{%C=8~IfEq~cF1J|BOzDtEU(0i5oI%%4*HDa8+JHj&y$
zS?1%pOr|XMWXgPg|D0A0r56TgQtm3y7m%ZOJ?8WK-Gk}^zeHJb``L~qJ;BktBkTPB
z_?Y6y6yM!`1q*r;pr$gP-&fBn{!V4c^}CP%+ls$M+41}DfFkhwGO0_kx%rO(qnNP&
z%6$X3OiKJ+z}DV7evY8P$=B6=M_2qYCMv05x+BZ<ee9ilUZ*~x3?8RKM`9jBKSajK
z=jV>@2HS$ad$7HG{Qg++IsW{dAat8C$V4UGe0qMN`kBw`o_RfV#|Q9FxcK+!G0C`3
zmqPr&7L`5s9|ONZhTdS+=~DTg!|S8n_N=pf1>8CZpTGB<Z2^eHcD8mwXZ#EbXzXzP
z{5;F+-FaO*jekna<9>V#7{!nIyq@*BC|L{c23x_N`7Hkd%*p5H<7vf@SD1E&c`SV(
zJNf*)+1hH`b354$^C~*XgmL@%`7NgSZhNZBnHH-0m3gIz`R?<N`7D<xeubzqpH>dt
zewoMitLNY!RKy2d1eYq>=HOr4Zr9M~BDhqsX%2pRjm>|M8>*z6|0%_HA7@$dkI%tp
zKlC|<@^1dG)QL;iS7&0LQ}Vg*wA;DX)=sLzOQ6zu!sCJOU-N+R*s&S*zO~bq9~A%k
UIrzt}wE4r_P+OJ9s<Kl28xEE~mjD0&

literal 0
HcmV?d00001

diff --git a/Week8_Canaries/Fstrings/forking.c b/Week8_Canaries/Fstrings/forking.c
new file mode 100644
index 0000000..5a6a17d
--- /dev/null
+++ b/Week8_Canaries/Fstrings/forking.c
@@ -0,0 +1,35 @@
+#include <stdio.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <signal.h>
+#include <sys/wait.h>
+#include <string.h>
+
+int processData(void){
+  printf("Please Enter Data >");
+  char data[32];
+  gets(data);
+  printf(data);
+  return 1;
+}
+
+int main(int argc, char *argv){  
+  printf("Smash the Forking Stack\n");
+
+  while(1){
+    int pid = fork();
+    if(pid == 0){
+      //Child Deals with data
+      processData();
+      printf("Child Returns\n");
+      return 0;
+    }
+    else{
+      //Parent gets on with Life
+      printf("Parent Waits on Child\n");
+      wait(NULL);
+
+    }
+  }
+}
+      
diff --git a/Week8_Canaries/Fstrings/makefile b/Week8_Canaries/Fstrings/makefile
new file mode 100644
index 0000000..1334c53
--- /dev/null
+++ b/Week8_Canaries/Fstrings/makefile
@@ -0,0 +1,7 @@
+CC = gcc
+FLAGS = -no-pie -g
+
+forking: forking.c
+	$(CC) $(FLAGS) forking.c -o forking
+
+all: forking