Given two strings
t is an anagram of
1 <= s.length, t.length <= 5 * 104
tconsist of lowercase English letters.
Input: s = "anagram", t = "nagaram"
Input: s = "rat", t = "car"
(1) C++ String Data Structure
Strings in C++ are defined as an array of characters. The difference between a character array and a string is the string is terminated with a special NULL character
(2) String Size
Before we start to develop games, we need to downloading and installing Unity and Visual Studio. To install these softwares, we need to follow the steps,
In this section, we will talk about the most popular and critical type of vulnerability called stack overflow. Techniques to exploit stack overflow problems were first documented in a well-known Phrack article called Smashing The Stack For Fun And Profit by Aleph One. Let’s first see some basic definitions in this article.
A buffer is simply a contiguous block of computer memory that holds multiple instances of the same data type.
(2) Static Arrays and Dynamic Arrays
Arrays, like all variables in C, can be declared either static or dynamic. Static variables are allocated…
1. Linux Shells
Let’s discuss today’s main topic about writing the shellcode. Shellcode often means a generic payload for the exploitation, so its goal is to launch an interactive shell as a result. First, we have to direct to the
tut02-shellcode directory by,
$ seclab tut02
$ cd ~/tuts/lab02/tut02-shellcode/
$ ls -al
drwxrwxr-x 2 vagrant vagrant 4096 May 10 09:57 .
drwxrwxr-x 3 vagrant vagrant 4096 May 6 03:25 ..
-rw-r--r-- 1 vagrant vagrant 535 May 9 21:54 Makefile
-rw-r--r-- 1 vagrant vagrant 11253 May 9 21:54 README
-rw-r--r-- 1 vagrant vagrant 1090 May 9 21:54 shellcode.S …
One of the static analysis tools that we can use for disassembling code is called Ghidra. Ghidra is a free and open-source reverse engineering tool developed by the National Security Agency of the United States of America.
First, let’s download this file from the official website of Ghidra,
$ cd ~/cs6265-tut/
$ curl https://ghidra-sre.org/ghidra_9.2.3_PUBLIC_20210325.zip > ghidra_9.2.3_PUBLIC_20210325.zip
Then, let’s unzip the file and change it to this directory,
$ unzip ghidra_9.2.3_PUBLIC_20210325.zip
$ cd ghidra_9.2.3_PUBLIC
In this directory, we can change the mode of the file
ghidraRun to 777 and then execute this file,
$ chmod 777 ghidraRun
In the previous section, we have discussed the GNU debugger and PWN debugger. Now, let’s summarize the basic usage of them.
$ gdb <filename>
(gdb) b main
(gdb) i r
x) the memory contents of an instruction
(gdb) x/1i 0x80492c9
x) the memory contents of one instruction and its next 9 instructions
(gdb) x/10i 0x80492c9
x) the memory contents of a string
(gdb) x/1s 0x80492c9
<somthing may be wrong with the picture>
If you are not a registered student, you can simply skip this section because the resource in this part will be private. If you are a registered student, follow the steps before taking the first lab assignment.
sshconnect to the server for a particular lab with the information provided…
Let’s now play with a binary. In this lab, we have 4 binary files. Before you check these files, you have to make sure that you are in the VM environment.
$ vagrant ssh
$ seclab tut01
We can check these files by,
$ cd ~/tuts/lab01/tut01-crackme
README crackme0x00 crackme0x01 crackme0x02 crackme0x03
What are these files? Let’s try the first one
crackme0x00 as an example. Suppose we run this executable file and enter the password 1234, we can not access it because the password is not correct.
IOLI Crackme Level 0x00
First, we have to install VirtualBox and Vagrant.
Ubuntu users may want to use the following commands to install Virtualbox and Vagrant,
$ sudo apt-get install virtualbox
$ sudo apt-get install vagrant
2. Setup the Environment
First, let’s make a new folder named
$ cd ~
$ mkdir cs6265-tut
$ cd cs6265-tut
Then let’s download the environment configuration files from the internet by
$ wget https://tc.gts3.org/cs6265/tut/tut.tar.gz
After we download this file, we…