Ariana
2 byte overwrite
Ariana
what no
professor
Yeah
Ariana
also stack cookies
Ariana
and the weird esp trash
professor
It is easily bypassed too
Ariana
how
professor
Find the random piece on asm
professor
Reversing etc
Ariana
WHAT
Ariana
you are high
Ariana
Stack cookie is random
Ariana
you cannot predict it, it changes every time you run the program
Ariana
try it
professor
Stack cookie is random
You could find the pattern
Ariana
Like actually try
Ariana
It’s 7 random bytes
Ariana
Go gdb
Ariana
Check your stack cookie
Ariana
It changes all the time
professor
I am not gdb. I am into Windows. I have done multiple stack cookies on ctftime, but the thing that could stop it a bit is EMET, but 5.1 < it is exploitable
Ariana
done multiple stack cookies on ctftime wtf
Ariana
Show me your exploit then with your hardcoded stack cookie
professor
done multiple stack cookies on ctftime wtf
canaries could be bypassed through SEH vuln
professor
many techniques
professor
https://tcode2k16.github.io/blog/posts/2018/tuctf-writeup/#canary
Ariana
lol im literally irl friends with that dude
Ariana
ive also done that kind of chals
Ariana
Those aren’t actual canaries
Ariana
Those are like home made canaries that are pseudorandom
Ariana
You cannot predict canaries without leaking them, for actual stack canaries
Ariana
Just try with like int main(){char a[10];a=gets();return 0;}
professor
brute force, or find/modify the SEH error handlers and avoid the canary check
professor
canaries don't check error handlers
Anonymous
Is there any simple compiler which doesn't suck? Gcc is bloat and clang is a pain in the ass to build
Ariana
7 bytes
Ariana
+2 bytes aslr
Ariana
if pie gg
Ariana
You have a lot more bruting to do
Ariana
since gadgets come from libc and source
Ariana
If you say it's possible why not show an actual example
professor
you can't
The samples are in the OSCE course which is not free, but there are many samples on the net about this
professor
You could only control the module with only 2 bytes, and other tricks
Anonymous
Mihail
You mean it's a pain in the ass to build the LLVM toolchain itself?
Anonymous
I want to learn C and C++ programming, anyone can teach me🙏
It's a tricky language, especially the errors are so so much
Anonymous
It's a tricky language, especially the errors are so so much
It has been more than 1 year in school with this subject, it still eats a lot of mind
Anonymous
Admin, what is Boolean algebra? It is in my syllabus
Anonymous
Admin, what is Boolean algebra? It is in my syllabus
https://www.tutorialspoint.com/computer_logical_organization/boolean_algebra.htm this may help 😁
im
Hii
Anonymous
BinaryByter
was abandoned by its developers in 2005
i use an assembler compiler that was abandoned by its initial devs and I use a linker that was abandoned by its initial devs 😉
BinaryByter
there are always people crazy enough to maintain stuff
BinaryByter
Please don't unless you know what the fuck you do
BinaryByter
there's a reason not many other compilers do as well as tcc
Anonymous
Please don't unless you know what the fuck you do
You advice against it? Can you tell your experience with it?
BinaryByter
I advise against it because I doubt that you will be able to maintain the compiler as well as the people who wrote it so far
Anonymous
right
Anonymous
I am not 1337 enough
BinaryByter
Programming in a minimal style is a challenge
BinaryByter
it's a challenge everybody should learn
BinaryByter
but for example - if you think that classes have no bloat - ding ding ding ding
Anonymous
Right
BinaryByter
you lost :D
BinaryByter
Right
At least you are honest with yourself, unlike many other people in here 😉
Anonymous
:D
Dark
Let's wait for some C++ fanboy to disagree
C++ is great. Sorry, had to do it
BinaryByter
😂
BinaryByter
https://en.cppreference.com/w/cpp/numeric/valarray
BinaryByter
Whoa :D
BinaryByter
thank you C++