notes.md: Add book notes for Montevideo through Lagos

2025-10-29 12:09:14 +00:00 · 2023-03-15 20:13:34 -05:00
parent 5e23a963ec
commit 95e7776c8a
10 changed files with 368 additions and 0 deletions
--- a/16-Bangalore/notes.md
+++ b/16-Bangalore/notes.md
@@ -0,0 +1,23 @@
+`Taken verbatim from my notebook`
+# Page 1
+```
+Bangalore   DEP/NX
+    Passwords 8-16 chars   } 0x20 B limit
+    Takes 0x30 (48) chars  }
+
+    Strategy: Construct a ROP chain
+        to turn page 45 executable
+    NO STRCPY
+
+    mark_page_executable @ 44ba
+    44ba: sub  #6,    sp
+          mov  #9100, sr
+          call #0x10
+          add  #0xa,  sp
+          RET
+
+    4458: call 0x10
+
+    ROP to set stack executable,
+    Exec to open the lock
+```