Thread: Format String Attack

The format string attack is only possible if you do something dumb like

fgets( message, sizeof message, stdin );
printf( message );

In other words, you pass a completely untrusted user input string direct to printf as the format string.

Originally Posted by Adak

If the OS gives a program virtual memory which varies each time (for all practical purposes), I don't see what good a fixed address in memory will do you.
...

Yes, i suppose you are right but it is reasonable to consider that if you have access to the application during runtime, you can deal with this difficulty (pls correct me if i'm wrong).

About the "cracking" part..
Just consider for a sec that those of you who have the appropriate knowledge to accuse me of cracking must have earned it some way.. And i am only trying to do the same thing..
(It is considerable though that it's way more common for people who make "dangerous" questions to be accused of cracking, rather than people who hold the "dangerous" answers)..
Anyway, i won't try to convince you about my intentions any more..

Unless someone has something useful to say, let this thread be forgotten (until i ask a cracking related question again, so there will be one more reason to point me as "cracker" )

So long..

Those that have gained "cracking" knowledge, but have no desire to deploy it (and perhaps to actively fight against it) almost certainly did not come to a forum begging for answers for it. Script kiddies do that kind of thing.

If it's morally wrong to me to share this knowledge with you, it's also morally wrong for me to point you in the direction to learn it.

Do you lack any and all understanding of morality?

Besides which, I was under the impression that discussing cracking-related items was prohibited on these forums.

Long live the skiddies

And if there was some 'attack vulnerability' would it really be in our best interests to tell you? Considering no doubt you'd be planning to 'test' it on software various members may have untimely contributed to.

And I would say this falls under rule number 6,

Originally Posted by http://cboard.cprogramming.com/announcement.php?f=4&a=51

6. Messages relating to cracking, (erroneously called "hacking" by many), copyright violations, or other illegal activities will be deleted. This includes all messages reguarding to keyloggers.

Originally Posted by tezcatlipooca

Hi,
You can easily see that when one needs to write something like the following:

Code:

printf("\x12\x24\xef\x00\%n);

What I can easily see is that that code doesn't compile.

Originally Posted by brewbuck

I dunno. You can't learn how to write secure code without also learning how to break it.

You needed to know how to exploit a buffer overflow before knowing to use fgets() over gets()?

I think your premise is incorrect that you need this knowledge to be a safe programmer.

With that said, you are correct that learning this may help you with a greater understanding of what happens under the hood and why we do the safety precautions that we do. I do not pretend crackers will disappear if we don't teach them how to abuse technology, but I do think it's completely ridiculous to help this idiot. Everything in his posts just screams that he's a stupid wannabe haxor. At the very least, all we would be doing by helping people with bad intentions is working towards adding yet another idiot to the ranks of people that will be sending out malware to screw over people that don't know how to better secure their computers. We whine and complain for every spammer and virus writer that plague the internet, but when some idiot wants to know how to do the same, there almost always seems like there's someone to teach the overeager pupil.

Real cracking should not be discussed like this where it makes the knowledge easy to abuse. Perhaps one person is not a problem, but of all the people that could be reading topics like this.... how many people do you think would mind bending the rules? Perhaps I'm wrong, and we should be going towards an open-ended policy of sharing all information, but at this point, I know what damage one idiot can do, and I don't feel like helping him.

If he's really a genius that just wants to learn it for the sake of fighting against it, or better protecting his code, he wouldn't be on the forums here asking about it.

I would even venture to guess, brewbuck, that you never asked a question related to cracking on these forums, and that's not how you learned it. Correct me if I'm wrong.