Search:

Type: Posts; User: sebas_phoenix

Page 1 of 4 1 2 3 4

Search: Search took 0.11 seconds.

  1. Please provide some link as to where you are...

    Please provide some link as to where you are referring the task from! Also, read this : http://crypto.stanford.edu/cs155old/cs155-spring08/papers/formatstring-1.2.pdf
  2. Replies
    27
    Views
    12,182

    I wonder why apache should run as a privileged...

    I wonder why apache should run as a privileged process? Yeah if it runs as a web server it needs to bind to port 80 which is below 1024 therefore is privileged, after that it no longer needs to hold...
  3. Let's do it! I couldn't participate last time :(...

    Let's do it! I couldn't participate last time :( Also, since it is a international CTF, we need to practice atleast on weekends. We could use #g4h IRC on freenode for collaborating.
    Interested...
  4. Replies
    11
    Views
    22,376

    There are a lot of books that cover C to an...

    There are a lot of books that cover C to an intermediate level. But the best book for Advanced C is Expert C Programming - Deep C Secrets. I recently started reading the book and i completed some 80...
  5. Replies
    9
    Views
    11,876

    Well, I will tell you the technique. Just dont...

    Well, I will tell you the technique. Just dont tell anyone about it k? So here it goes. First thing is to find the email ID of the person, that will be publicly available most of the time. Then here...
  6. Article: Understanding Padding Oracle Attack - Attack on Encryption in CBC mode

    You can view the page at http://www.garage4hackers.com/content.php?r=140-Understanding-Padding-Oracle-Attack-Attack-on-Encryption-in-CBC-mode
  7. Understand what padding oracle is all about, then...

    Understand what padding oracle is all about, then write your own code. Or wait for max. 3 days, i might do a tutorial on padding oracle and this post will serve as my inspiration.

    Regards
  8. IMHO, padding oracle attack is one of the...

    IMHO, padding oracle attack is one of the "cutest" attacks on Authenticated Encryption..I didn't know that ASP.NET is vulnerable to this though! Also, another thing about padding oracle is that it is...
  9. IMO, forget about career when you learn. Just...

    IMO, forget about career when you learn. Just learn with a passion and everything else will come to you automatically. About family, it is upto you to convince your family man, cant help you out...
  10. Hey Mark. Well, this is how I decided I should be...

    Hey Mark. Well, this is how I decided I should be in the future . When i was in college, I am a gaming addict (DotA mainly).I was the Captain of a popular clan in GG which naturally means i didn't...
  11. Replies
    31
    Views
    18,376

    The argument for gets() and puts() is the address...

    The argument for gets() and puts() is the address of the buffer which is at an offset -0xc from ebp more precisely the buffer starts @ address ebp-0xc. About the mov %eax,(%esp) part, it is...
  12. Replies
    31
    Views
    18,376

    AT&T is not a processor, it is a syntax for...

    AT&T is not a processor, it is a syntax for assembly. As you can obviously see,it is AT&T considering the %(register) and <opcode> <source> <destination> format!
  13. Replies
    31
    Views
    18,376

    Ok lets do it one step at a time for more...

    Ok lets do it one step at a time for more clarity.



    0x080484ae <+0>: push %ebp
    0x080484af <+1>: mov %esp,%ebp

    Typical function prologue. esp is not subtracted indicating no local...
  14. Replies
    31
    Views
    18,376

    Hey mark, thanks for the videos. Btw, if you have...

    Hey mark, thanks for the videos. Btw, if you have any trouble understanding BoF, post the code in the forums, we will help you out!

    Best Regards.
  15. There are a lot of wargames like OvertheWire and...

    There are a lot of wargames like OvertheWire and SmashTheStack which is a great place to start and they are very addictive too..
  16. Replies
    13
    Views
    6,366

    Nobody is laughing at you or stopping you from...

    Nobody is laughing at you or stopping you from dreaming. All we are saying is that do some research on your area of interest and realise your dream(however impossible it might be) . But while posting...
  17. Replies
    13
    Views
    6,366

    Hmm..I am not saying it is not feasible, but as a...

    Hmm..I am not saying it is not feasible, but as a general recommendation let me tell you this: Theoretically we can do anything! Like for example , use a gigantic vibrating fork so that it matches...
  18. Nice exploit bro..it would be more useful if you...

    Nice exploit bro..it would be more useful if you could document the bug hunting phase too
  19. Replies
    9
    Views
    3,724

    Kindly be more elaborate by providing some...

    Kindly be more elaborate by providing some pseudocode as to how you think it might happen! Then it will be easier for others to clarify
  20. Replies
    9
    Views
    3,724

    Be more elaborate! There is no such thing as a...

    Be more elaborate! There is no such thing as a register overflow (except arithmetic overflow..but they are not relevant to our discussion here) , what actually happens is that we overflow the memory...
  21. Replies
    7
    Views
    3,725

    Thanks bro! hopefully next time , they turn out...

    Thanks bro! hopefully next time , they turn out to be suid binaries :)
  22. Can you please post your code?

    Can you please post your code?
  23. Replies
    7
    Views
    3,725

    No bro..am not able to find a squashfs-tools for...

    No bro..am not able to find a squashfs-tools for android.

    @all:Thanks a lot
  24. Anatomy of my first and second 0-day! [Full analysis of code]

    http://www.garage4hackers.com/f22/anatomy-my-first-second-0-day-2488.html
    And also, I was thinking if there is anyone interested in open source bug hunting? Tell me so that we can audit some of the...
  25. Replies
    13
    Views
    5,771

    Hmm, the stack grows from higher memory address...

    Hmm, the stack grows from higher memory address to a lower memory address, which means that the saved ebp gets overwritten before the saved eip. There are ways you can overwrite just the saved eip,...
Results 1 to 25 of 83
Page 1 of 4 1 2 3 4