mirror of
https://git.soft.fish/val/MicroCorruption.git
synced 2024-11-22 17:35:59 +00:00
27 lines
614 B
Markdown
27 lines
614 B
Markdown
`Taken verbatim from my notebook`
|
|
# Page 1
|
|
```
|
|
Santa Cruz
|
|
2 buffers
|
|
username [0x63] -> 2404 -> 43a2
|
|
password [0x63] -> 2404 -> 43b5
|
|
r4: return addr: 43cc
|
|
Min len stored at 43b3
|
|
username +0x11 index 17
|
|
Max len stored at 43b4
|
|
username +0x12 index 18
|
|
43c6 must be 00
|
|
-> password must be 16 chars
|
|
so strcpy places 00 there
|
|
-> password: "passwordpassword"
|
|
|
|
username[0x11] = 01
|
|
username[0x12] = 7f
|
|
username[0x42+]= 4a44
|
|
|
|
Don't put important constants on the stack?
|
|
Strcpy does copy the last null byte
|
|
|
|
A program
|
|
```
|