It's the hot new game show that's sweeping the nation! YOU Be the Moderator!
The rules of the game are simple: Assume you are a moderator on any old message board with powers up to and including banning members. Now suppose you logged in one day and saw a new topic, with no replies, by one of the board's more-or-less regular members, but one whose personal life you are generally ignorant of. The question is, how would you perceive the post, and what would your reactions be, if any?
The post in question (note that much has been snipped, for length and given the post's subject):
------------------------------------------------------------------------------------
Title: Buffer Overflows
Been messing around with overflowing buffers today. First example:
Now I know this code does basically nothing and is pretty poorly written. It's not even a buffer overflow, but it operates on the same principle. If you run it as it is, you'll see 10 lines of some random debug information, and then the outputted "THISISOUTPUT", and the program ends. If you uncomment the line that is commented and then run the program, it will output the debug information as before, but mysteriously skips over the cout << "THISISOUTPUT". I use the variable 'a' as a reference to the stack, and using that, directly overwrite the saved EIP on the stack, redirecting it a few lines down. So when the function returns, instead of going to the next line like it should, it's redirected to skipping to the end of main.
Code:
// C++ code, notable for a 'void main()'
Second example:
Now this is a pretty interesting buffer overflow, and it's actually an example you might see coded in real life. The program asks you for a password, you enter one, it outputs some debug information, then if your password was correct or not, it says so.
Code:
// C++ code. Notable for cin >>'ing to a char array.
[In-depth Explanation of the noted vulnerability]
Now, try entering this when it prompts you for the password. Warning, the program does crash when you enter this, but not before saying that you entered the correct password. In Windows XP just a little dialog box pops up when it crashes, and you can hit OK, and everything's all good. Shouldn't cause any damage, but don't blame me if it does.
[Description of what to input]
It will crash, but if you move the dialog box out of the way, you'll notice that "Correct Password!" was outputted before it crashed.
Basically what this does is once again use the input variable as a reference to the stack. The periods you enter just overwrite stack until you get to the EIP register. The [data] which are entered correspond to a certain address, along the same principle as the first example.
------------------------------------------------------------------------------------
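The password check the quoted post describes, as an added example of my own (not the original poster's snipped code): the unbounded `cin >> char[]` read beside two bounded replacements. The secret value and the 16-byte buffer are constructed placeholders, since the post's real ones were snipped.

```cpp
#include <cstring>
#include <iomanip>
#include <istream>
#include <limits>
#include <sstream>
#include <string>

// Constructed placeholder secret and buffer size; the post's real values were snipped.
static const char kExpected[] = "letmein";
static constexpr std::size_t kBufSize = 16;   // 15 characters plus the terminating NUL

// The shape the post describes: reading into a raw char array stops only at
// whitespace, so longer input keeps writing past the array into whatever the
// compiler placed next on the stack (other locals, then the saved return address).
// Before C++20 this overload has no bound at all; since C++20 (P0487R1) the
// array-reference overload caps it at N-1. Kept for contrast only, never tested.
bool check_password_unbounded(std::istream& in) {
    char buf[kBufSize] = {};
    in >> buf;                                 // no length limit
    return std::strcmp(buf, kExpected) == 0;
}

// Minimal fix keeping the char-array layout: std::setw(N) makes operator>>
// extract at most N-1 characters and NUL-terminate, so the array cannot overrun.
// Caveat: silent truncation means "expected value plus junk" still matches when
// the expected value fills the buffer, so the rest of the line is dropped here
// and the std::string version below is the one to prefer.
bool check_password_bounded(std::istream& in) {
    char buf[kBufSize] = {};
    if (!(in >> std::setw(static_cast<int>(kBufSize)) >> buf)) return false;
    in.ignore(std::numeric_limits<std::streamsize>::max(), '\n');
    return std::strcmp(buf, kExpected) == 0;
}

// Preferred fix: read the whole line into a std::string, which grows as needed,
// and reject over-long input outright instead of trimming it. (Plain equality on
// a secret is not constant-time; that is a separate concern from the overflow.)
bool check_password_string(std::istream& in) {
    std::string line;
    if (!std::getline(in, line)) return false;
    if (line.size() >= kBufSize) return false;  // longer than any valid password
    return line == kExpected;
}

// Drive a checker from an in-memory string so each case runs offline.
bool check_input(bool (*checker)(std::istream&), const std::string& input) {
    std::istringstream in(input);
    return checker(in);
}
```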