PDA

View Full Version : YOU Be the Moderator!



zx-1
10-09-2006, 08:59 AM
It's the hot new game show that's sweeping the nation! YOU Be the Moderator!

The rules of the game are simple: Assume you are a moderator on any old message board with powers up to and including banning members. Now suppose you logged in one day and saw a new topic, with no replies, by one of the board's more-or-less regular members, but one whose personal life you are generally ignorant of. The question is, how would you percieve the post, and what would your reactions be, if any?

The post in question (note that much has been snipped, for length and given the post's subject):

------------------------------------------------------------------------------------
Title: Buffer Overflows
Been messing around with overflowing buffers today. First example:



// C++ code, notable for a 'void main()'


Now I know this code does basically nothing and is pretty poorly written. It's not even a buffer overflow, but it operates on the same principle. If you run it as it is, you'll see 10 lines of some random debug information, and then the outputted "THISISOUTPUT", and the program ends. If you uncomment the line that is commented and then run the program, it will output the debug information as before, but mysteriously skips over the cout << "THISISOUTPUT". I use the variable 'a' as a reference to the stack, and using that, directly overwrite the saved EIP on the stack, redirecting it a few lines down. So when the function returns, instead of going to the next line like it should, it's redirected to skipping to the end of main.

Second example:



// C++ code. Notable for cin >>'ing to a char array.


Now this is a pretty interesting buffer overflow, and it's actually an example you might see coded in real life. The program asks you for a password, you enter one, it outputs some debug information, then if your password was correct or not, it says so.

[In-depth Explanation of the noted vulnerability]

Now, try entering this when it prompts you for the password. Warning, the program does crash when you enter this, but not before saying that you entered the correct password. In windows xp just a little dialog box pops up when it crashes, and you can hit OK, and everything's all good. Shouldn't cause any damage, but don't blame me if it does.

[Description of what to input]

It will crash, but if you move the dialog box out of the way, you'll notice that "Correct Password!" was outputted before it crashed.

Basically what this does is once again use the input variable as a reference to the stack. The periods you enter just overwrite stack until you get to the EIP register. The [data] which are entered correspond to a certain address, along the same principle as the first example.
------------------------------------------------------------------------------------

SlyMaelstrom
10-09-2006, 10:13 AM
Ban him! ... and ban everyone who viewed the topic... then go on a wild banning spree at the end of which I ban myself.

OMG, Webmaster, make me teh mod plz!

----

I don't get the idea of this question. Is this a member who usually knows what their talking about and just made an extremely stupid post or is it someone who almost always say something stupid? If it's the former, I'd probably ask what they were thinking and whether they wrote it when they were half asleep and I would note the mistakes that made me come to that conclusion. If it's the latter, I'd probably just tell them their errors because I'd expect it from them... and then I'd ban them.

CornedBee
10-09-2006, 10:16 AM
You banning yourself might be worth it ;)

SlyMaelstrom
10-09-2006, 10:20 AM
Oh... you wanna go? Because in case you didn't realize... milk drinks cats!

... umm, or something like that.

indigo0086
10-09-2006, 10:22 AM
Oh... you wanna go? Because in case you didn't realize... milk drinks cats!

In communist russia you mean.

Queatrix
10-09-2006, 11:27 AM
I like the last post game better.
Almost every board has one. (But this one ofcourse.)
The only problem is I have to through the 1000's of pages to see the last post. (No, I am not kidding.)

Or the "deepest darkest secret" is a good one.

twomers
10-09-2006, 12:59 PM
Is this hypothetical, as in Ethic's hypothetical game, which means it's not, or is it just a ... vague approximation of a possible scenario?

If I was a moderator I would have some ideas ... but they wouldn't be implementable unless I was an administrator ... As for my other ideas, I would ban lots of people for silly reasons, and only for silly reasons, then I would wear a holier-than-though dogmatic hat and be great, loved and feared by everyone!!

Mario F.
10-09-2006, 01:14 PM
The post in question (note that much has been snipped, for length and given the post's subject)

What on earth does that have to do with moderators!?
Are you having a blonde moment here? It's a question. A doubt. Something went wrong in the code. He needs help. He's in trouble. All the building blocks of a normal, perfectly natural, and quite on topic post. So why do you need a moderator?

If I where a moderator I would ban moderators. The type that thinks moderatoring a board is an honor and a mission.

whiteflags
10-09-2006, 01:24 PM
If I where a moderator I would ban moderators. The type that thinks moderatoring a board is an honor and a mission.
I'm in favor of an anonymous board. (http://wakaba.c3.cx/shii/shiichan)

Tonto
10-09-2006, 02:32 PM
I hate the internet (http://www.anus.com/zine/articles/net/)

Mario F.
10-09-2006, 04:24 PM
As Douglas Adams so well protrayed once, the way we perceive things can be summed as this:


Everything that exists in the world when you are born is normal;
Anything that gets invented between when you were born and before you turn 30 is incredibly exciting and you even think you can make a career out of it.
Anything that gets invented after that is the end of civilization as we know it, an evil thing and probably also something that will move our younglings astray.


Two things strike me immediatly. One is that the younger you are, the bigger the acceptance. Seems plausible. But also, The older you are, the more right.

Salem
10-09-2006, 04:27 PM
I've banned a spammer today, and I feel fine!
<raises glass>
Cheers lads.

Mario F.
10-09-2006, 04:47 PM
Aaahh spammers... the evildoers of the internet. That who commands the spammers has all our undying respect. There is nothing more damaging, more immoral, nothing more hated than spam.

... Of course the bilboards on the streets, commercials every 15 minuts on the telly, magazines with the first half of their pages filled with publicity, sugar packets, telemarketing, football matches, ... we don't have sweet and lovable moderators for those.

I'll raise my glass to that.... but only to that.

Perspective
10-09-2006, 10:19 PM
I'd ban the guy that started this thread (http://cboard.cprogramming.com/showthread.php?t=83948) :P