Overflow in Code ?

[falsefish]

hello AO ppl ,

saw this on a University's site...its meant for beginners...

i have been trying to make a sense of this encrypted text but cannot make much sense outta it...
what i have figured out is that the english letters in the code are from the HEX Family.. i hv tried to get an o/p from a HEX to ASCII convertor but didnt help..
so any suggestions from codebreakers??


1. Analyze this : Analyze that
68412b4a0ca6f15742433078890f619e : d523cac48e53a72e25c0efd4ca43b35585f20f63
Crack the code and find out what I am trying to tell you.
Hint: It is not as simple as you think. But then I may be confusing you.


I could solve around 6 out of TASK 1...task 2 and 3 still to go. fairly easy.. what about you guys? have a look at the whole page here...

[falsefish]

can anyone give me a few inputs on the code written below being vulnerable? if yes then how can somebody exploit it>


int some_function(int x, int y, int z)
{
char buff[5];
gets(buff);
return 0;
}
int main()
{
some_function(10,15,20);
return 0;
}




-thanks

[falsefish]

i stumbled upon a hacking challenge online in which you are supposed to find vuln and break-into the authenticiation system

http://www.bits-quark.org/binary/task1.html


i have gone through other challenges but this one is boggling me the most

[nihil]

What exactly is giving you the problem my little friend?

Q: What beats 4 aces in a game of straight draw poker?
A: A Smith & Wesson

[falsefish]

hello nihil,

how did you manage to solve that code so fast??? share the algorithm with me

thanks a lot.!

and hats off to AO

[falsefish]

funny situation
is "Q: What beats 4 aces in a game of straight draw poker?
A: A Smith & Wesson"

the answer to the code mentioned on the URL or a proverb you're pointing to me ? :P

I'll repeat the problem

Q: Analyze this : Analyze that
68412b4a0ca6f15742433078890f619e : d523cac48e53a72e25c0efd4ca43b35585f20f63
Crack the code and find out what I am trying to tell you.
Hint: It is not as simple as you think. But then I may be confusing you.

[falsefish]

Hi AO community,

I found these problems in a security quiz online... any help with the answer?



Maria’s friend Anna is not a very good coder. Maria came across the following code written by Anna and knows that it is vulnerable. Help her identify this vulnerability and teach her how to exploit it.

Code:

 int 
some_function
(int x, int y, int z) 
{
 char buff[5];
 gets(buff); 
return 0;
 }
 int main() 
{ 
some_function(10,15,20);
 return 0; }

2. She came across the following exploit for executing commands on a remote machine that hosts "some_website" on a vulnerable web server:

http://some_website/scripts& /..%%35%64..%%35%64..%%35%64
..%%35%64..%%35%64../winnt/system32/cmd.exe?/d+dir+d:

Help her identify the webserver and its version and explain to her how the exploit works. Also teach her how to exploit this vulnerability for copying files, deleting them, disabling logging and deleting old logs on the remote server.




wow. the first one seems a little hard... second one can be googled though

[appunu]

yu in online hacking competition na? i need username for 12th level

[Negative]

I merged all these "I'm too lazy to figure it out myself, so I'm just going to ask people to give me the answer" threads into one.

[saintakaagni]

Analyze this : Analyze that
68412b4a0ca6f15742433078890f619e : d523cac48e53a72e25c0efd4ca43b35585f20f63
Crack the code and find out what I am trying to tell you.
Hint: It is not as simple as you think. But then I may be confusing you.

Looks like a MD5 hash. I could be wrong.