5.5. When launching the return-to-libc attack, instead of jumping to the beginning of the system() function, an attacker causes the program to jump to the first instruction right after the function prologue in the system() function. Please describe how the attacker should construct the input ...
address on the stack with the address of a legitimate instruction which is located in a library such as the libc runtime library on UNIX style systems. The attacker places the arguments to this function in another place on the stack. This attack can circumvent non-executable stack protections....