New Challenge: Buffer Overflow part 2

[Net]

Update:
Buffer Overflow part 2 challenge posted. Go give it a shot. Click the link in my signature below.

This challenge is fun.

Disclaimer
I have written permission from the author to post his labs on my site.

 

[KIAman]

That is trivial using LINQ. 😛

I do likeProject Euler but they are more into logic and algorithm, but it keeps the mind sharp.

 

[DrOff508]

definatly LINQ

 

[EricMartello]

Yeah you guys go do that in .NOOB, I think point here is to actually learn something not use extension that do the hard stuff for you. LINQ isn't a language, it's an extension. >.>

Also, it seems simpler than it really is. The data is only separated by spaces and new lines...no delimiters between name and address. Assuming the format remains consistent, this is my solution (which could be transposed to any language):

1) Read file line-by-line

2) Split line by finding the first number on the line and using that as an arbitrary delimiter, strip leading/trailing whitespace and store both values in two separate variables. You now have the name and address.

3) First variable has the name, split it by space and store each value in an associative array. Add the value of the second variable to the array.

4) Repeat loop till EOF.

5) To sort the data, simply use array sorting functions.

 

[KIAman]

Requirements.

Write a program to sort the below data in alphebatical order. The data is stored in a file.
The user should be able to pick what they want to sort by (i.e. last name, first name or address)
Choose any language you want.

I could give the solution using 68HC11 assembly code but why re-invent the wheel?

 

[Markbnj]

Yeah you guys go do that in .NOOB, I think point here is to actually learn something not use extension that do the hard stuff for you. LINQ isn't a language, it's an extension. >.>

I love elitism: it makes more work for me 😉.

 

[Net]

you guys have a valid point.

I added restrictions: http://eeprojects.com/challenges.html

 

[Argo]

Originally posted by: EricMartello

... store each value in an associative array.

What if the file is 2GB in size? Can you do that without storing everything in memory 🙂

 

[Net]

new challenge posted. let me know how you like it.

 

[Cogman]

Originally posted by: net
new challenge posted. let me know how you like it.

Its a fairly big jump from the last challenge. You might consider a few more bridge challenges before having someone use assembly.

*edit* I knew I saw that somewhere before. That book is awesome, I kind of wish you didn't steal from its authors like that */edit*

 

[Net]

*edit* I knew I saw that somewhere before. That book is awesome, I kind of wish you didn't steal from its authors like that */edit*

I didn't steal it. Did you read the credits, authors and link to their website at the top of the page?

Please ask before accusing...

1. It's open source
2. Credit, authors and link is provided at the top of the webpage
3. On top of all that, I asked for permission. I didn't need to but I did.

 

[Cogman]

Originally posted by: net

*edit* I knew I saw that somewhere before. That book is awesome, I kind of wish you didn't steal from its authors like that */edit*

I didn't steal it. Did you read the credits, authors and link to their website at the top of the page?

Please ask before accusing...

1. It's open source
2. Credit, authors and link is provided at the top of the webpage
3. On top of all that, I asked for permission. I didn't need to but I did.

Fine and dandy. However #3 is the one that clinches it for me. Put something that says "Used with permission of authors" or such in there.

BTW, are you sure it is open source? As far as I can tell, the source for the binary bomb is not open or available to the public. In fact, most of their software has this statement on the top

/************************************************************************
* Copyright (c) 2002, R. Bryant and D. O'Hallaron, All rights reserved.
* May not be used, modified, or copied without permission.
***********************************************************************/

Just because something has credit given doesn't instantly mean you aren't stealing from the person. Its like giving away a copy of MS Windows and saying "Oh look, I credited bill gates at the top of the page!".

 

[Net]

please don't turn this into a troll thread.

I asked for permission, leave it at that.

 

[Cogman]

Originally posted by: net
please don't turn this into a troll thread.

I asked for permission, leave it at that.

That wasn't the point of my post. My point is that when you publish someone else's info you should be explicitly careful in stating their ownership and getting their permission. I personally like to see some statement to the effect that "This is used with express permission of the author"

You created this thread for suggestions and to get our opinion. This is mine. No troll intended.

If it was a random author, I probably wouldn't have taken the time to post what I did, however, I have a lot of respect for the authors of that book (it is a REALLY good book, one of my favorite).

 

[Net]

ugh

 

[brianmanahan]

I highly doubt the authors will care. No money's being made off of this.

 

[KLin]

Originally posted by: brianmanahan
I highly doubt the authors will care. No money's being made off of this.

Plus knowledge is being spread. I see no problem with this either.

 

[Net]

did anyone solve it?

 

[Net]

here is a hint (maybe too much of a hint):

you know getbuf is vulnerable to buffer overflows. And you know that you want to execute the function called smoke.

looking at the dissasembly:

08048a09 <getbuf>:
8048a09: 55 push %ebp
8048a0a: 89 e5 mov %esp,%ebp
8048a0c: 83 ec 18 sub $0x18,%esp ; here we are allocating our char buf[12]


here are a few lines from the smoke function:

080488c4 <smoke>:
80488c4: 55 push %ebp
80488c5: 89 e5 mov %esp,%ebp


080488c4 is the address to enter the smoke function. We know we can overflow getbuf with user input.

we know the stack in the getbuf function is going to be setup this way...

--------------------
return address
---------------------
saved ebp
---------------------
char array ...
----------------------
....
----------------------
...
----------------------
...
-----------------------

we also know that x86 processors are little endian so we will have to keep that in mind when formatting our user input.

 

[Net]

posted solution. follow link below

 

[Net]

new challenge posted