MS
Size: a a a
2017 May 05
2017 May 06
AK
AK
The part where the call to strncmp() occurs seems most interesting here:
if(strncmp(computed_response, user_response, response_length))
exit(0x99);
The value of the computed response, which is the first argument, is being tested against the one
that is provided by user, which is the second argument, while the third argument is the length of
the response. It seems quite obvious that the third argument of strncmp() should be the length of
computed_response , but the address of the stack variable response_length, from where the
length is to be loaded, actually points to the length of the user_response!
Given an empty string the strncmp() evaluates to zero thus accepting and invalid response as a valid
one.
No doubt it’s just a programmer’s mistake, but here it is: keep silence when challenged and you’re in.
if(strncmp(computed_response, user_response, response_length))
exit(0x99);
The value of the computed response, which is the first argument, is being tested against the one
that is provided by user, which is the second argument, while the third argument is the length of
the response. It seems quite obvious that the third argument of strncmp() should be the length of
computed_response , but the address of the stack variable response_length, from where the
length is to be loaded, actually points to the length of the user_response!
Given an empty string the strncmp() evaluates to zero thus accepting and invalid response as a valid
one.
No doubt it’s just a programmer’s mistake, but here it is: keep silence when challenged and you’re in.
SS
The part where the call to strncmp() occurs seems most interesting here:
if(strncmp(computed_response, user_response, response_length))
exit(0x99);
The value of the computed response, which is the first argument, is being tested against the one
that is provided by user, which is the second argument, while the third argument is the length of
the response. It seems quite obvious that the third argument of strncmp() should be the length of
computed_response , but the address of the stack variable response_length, from where the
length is to be loaded, actually points to the length of the user_response!
Given an empty string the strncmp() evaluates to zero thus accepting and invalid response as a valid
one.
No doubt it’s just a programmer’s mistake, but here it is: keep silence when challenged and you’re in.
if(strncmp(computed_response, user_response, response_length))
exit(0x99);
The value of the computed response, which is the first argument, is being tested against the one
that is provided by user, which is the second argument, while the third argument is the length of
the response. It seems quite obvious that the third argument of strncmp() should be the length of
computed_response , but the address of the stack variable response_length, from where the
length is to be loaded, actually points to the length of the user_response!
Given an empty string the strncmp() evaluates to zero thus accepting and invalid response as a valid
one.
No doubt it’s just a programmer’s mistake, but here it is: keep silence when challenged and you’re in.
2017 May 10
SJ
SJ
Это не ко мне
EB
EB
EB
Вот это фейл так фейл.
EB
Факап года, я считаю.
EB
Так спалиться 😂
⠀
дак всем похуй же
⠀
может быть и это скомпрометировано
EB
Может, но вряд ли. Если только Макрон не "сам себя взломал" привинтивно. Опасаясь русских хакеров.
SJ
можно ему на мыло написать, спросить
EB
Макрону?
EB
Кстати идея.
EB
Почему СМИ не найдут этого хакера и не спросят.
EB
А, вроде спрашивали. Он отказался отвечать.