Interactive Exploit Execution Visualizer

Interactive educational platform for comparing safe vs malicious execution of vulnerable C programs.

The app runs each program twice under a debugger, then visualizes:

• instruction-by-instruction divergence
• register and stack changes
• stdout differences
• risk findings (issue type + severity)

---

Features

• Upload C source or precompiled binary and run safe/malicious inputs side by side
• Step-level timeline with first-divergence marker
• Register and stack diff highlighting
• Program output comparison (stdout)
• Risk analysis panel with findings such as:
  • information leak (format-string behavior)
  • stack/control-flow corruption (overflow behavior)
  • stack corruption signal (subtle memory corruption)
• Issue summary panel that shows:
  • detected issue type(s)
  • highest severity
  • backend runtime error details (if any)

---

Included Demo Programs

Located in demo/:

• vulnerable.c - stack overflow via unsafe strcpy
• heap_vulnerable.c - heap overflow into malloc buffer (heap_buf), works with the heap trace window
• format_string.c - format-string vulnerability via printf(user_input)
• integer_issue.c - signed/unsigned integer conversion bug causing unsafe copy size

---

Tech Stack

• Backend: Flask, Python 3.10+
• Frontend: React (Create React App), Node 16+
• Tracing:
  • Linux: GDB Python API
  • macOS: LLDB Python API

---

Prerequisites

Tool	Minimum	Purpose
Python	3.10+	Backend runtime
Node.js	16+	Frontend runtime
GCC / Clang	modern	Compile uploaded C files
GDB (Linux)	7.x+ w/ Python	Trace collection on Linux
LLDB (macOS)	Xcode CLT	Trace collection on macOS

Install common dependencies (Debian/Ubuntu):

sudo apt update && sudo apt install -y gcc gdb python3 python3-pip nodejs npm

macOS (for LLDB + compiler tools):

xcode-select --install

---

Quick Start

1) Start backend

cd backend
python3 -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
python app.py

Backend runs at http://localhost:5001.

2) Start frontend (new terminal)

cd frontend
npm install
npm start

Frontend runs at http://localhost:3000 and proxies /api to backend.

---

How to Use

1. Upload one demo file (vulnerable.c, heap_vulnerable.c, format_string.c, or integer_issue.c)
2. Enter:
   • a safe input
   • a malicious input
3. Click Run Both Executions
4. Inspect:
   • Risk Findings (high-level security signal)
   • Issue Summary (issue type, severity, and errors)
   • Timeline and Diff panels for technical evidence

---

Suggested Inputs

Stack Overflow (vulnerable.c)

• Safe: Alice
• Malicious: 100-220 A characters

Heap overflow (heap_vulnerable.c)

• Safe: Alice
• Malicious: 100–220 A characters (overflows the 64-byte malloc buffer)

Format String (format_string.c)

• Safe: Hello
• Malicious: %p.%p.%p.%p.%p.%p.%p.%p

Integer Conversion (integer_issue.c)

• Safe: 8
• Malicious: -1

---

API Overview

POST /api/upload

Upload .c source or binary.

POST /api/execute

Body:

{
  "program_id": "a1b2c3d4",
  "safe_input": "Alice",
  "malicious_input": "AAAA..."
}

GET /api/trace/<run_id>

Returns full trace with steps and captured stdout.

GET /api/diff/<safe_run_id>/<malicious_run_id>

Returns step diff + summary fields:

• first_divergence_step
• stdout_diff
• risk_findings

---

Project Structure

4277_Final_Project/
├── backend/
│   ├── app.py
│   ├── routes/
│   ├── services/
│   ├── tests/
│   ├── uploads/
│   └── traces/
├── frontend/
│   ├── src/
│   │   ├── components/
│   │   └── services/
│   └── package.json
└── demo/
    ├── vulnerable.c
    ├── heap_vulnerable.c
    ├── format_string.c
    └── integer_issue.c

---

Limitations

• Step alignment is by instruction index, not semantic control-flow matching
• Long-running binaries are capped (MAX_STEPS)
• Platform-specific debugger behavior can differ across Linux/macOS
• Runs execute user-provided binaries: use only in trusted local environments

---

License / Academic Use

This project is intended for local, educational security demonstrations.