|
I was listening to the news on the radio whilst driving home tonight, and the girl reading the news did a list of "this day in history" items. One of them was in 1992, the Rodney King riots started.
I almost drove off the road when I realized that was twelve years ago. I can remember it like yesterday, I was on campus at UCLA working in one of the computer labs when I first heard about the riots starting. The following days were pretty bad and the air smelled like smoke due to all the idiots setting stuff on fire.
--Mike--
Personal stuff:: Ericahist | Homepage
Shareware stuff:: 1ClickPicGrabber | RightClick-Encrypt
CP stuff:: CP SearchBar v2.0.2 | C++ Forum FAQ
----
Kosh reminded me of some of the prima-donna programmers I've worked with. Knew everything but when you asked them a question; never gave you a straight answer.
-- Michael P. Butler in the Lounge
|
|
|
|
|
|
|
Note: I've copied this post here from its original location[^] to give it (hopefully) better visibility. Buffer overruns are possible because on x86 there are not separate categories of "readable memory" and "executable memory". If a block of memory has one permission, it has the other. They also work because a thread's local variables and return addresses are in the same area of memory, its stack.
Here's a typical stack with the default size of 1 MB, after one function call. Note how the stack grows down from high addresses towards low addresses.
0 100000
+--------------------------+
| <unused>|<vars>|<retaddr>|
| | | 40AE |
+--------------------------+
^ top of stack That indicates that when the current function returns, control resumes at address 0x40AE. Now after a few calls, the stack will have a few layers of that:
0 100000
+------------------------------------------------------------+
| <unused>|<vars>|<retaddr>|<vars>|<retaddr>|<vars>|<retaddr>|
| | | 4E33 | | 4AD1 | | 4F10 |
+------------------------------------------------------------+
^ top of stack Now lets say the current function declares a char[10] array as its only local variable. That array is denoted by asterisks:
0
+-------------------------------
| <unused>|<vars> |<retaddr>| ...
| |**********| 4E33 |
+-------------------------------
^ top of stack If the function blindly strcpy 's an input string (from say, the network) into that buffer, without checking the length of the source string, it will write past the end of the array, over the return address. The copied bytes are denoted by $:
0
+-------------------------------
| <unused>|<vars> |<retaddr>|
| |$$$$$$$$$$$$$$$$$$$$$$$ ...
+-------------------------------
^ top of stack All a hacker has to do is figure out what to use as the $$$ to change the overwritten return address to be an address within the $$$ itself. Since the $$$ is the malicious data, the hacker has control over it.
0 7AE1 100000
+------------------------------+---------------------+
| <unused>|<vars> |<retaddr>| |
| |$$$$$$$$$$| 7AE1 $$$$$$$$$$$$$ ... |
+----------------------------------------------------+
^ top of stack When the function returns, the thread reads its return value, which has been changed to point to within the $$$. Now the hacker has made the thread execute memory that he planted in the stack. If that thread happens to be running in a powerful account (like Admin or Local Service), bingo, your box is 0wn3d.
--Mike--
Personal stuff:: Ericahist | Homepage
Shareware stuff:: 1ClickPicGrabber | RightClick-Encrypt
CP stuff:: CP SearchBar v2.0.2 | C++ Forum FAQ
----
"Linux is good. It can do no wrong. It is open source so must be right. It has penguins. I want to eat your brain."
-- Paul Watson, Linux Zombie
|
|
|
|
|
Whoa boy. The June 2003 FHM (US edition of course) has some pics of the Buffy girls. New pics of Alyson. *drool* All I can say is DAY-UM.
Check out some scans here[^] (not safe for work)
[edit]The pics are gone now The site had to take down a lot of its galleries due to its popularity and the resulting bandwidth costs.[/edit]
--Mike--
Ericahist | Homepage | RightClick-Encrypt | 1ClickPicGrabber
"You have Erica on the brain" - Jon Sagara to me
|
|
|
|
|
LOL!
You're really desperate, aren't you?
Rickard Andersson8
Here is my card, contact me later!
UIN: 50302279
E-Mail: nikado@pc.nu
Interests: C++, ADO, SQL, Winsock, 0s and 1s
|
|
|
|
|
|
Me too...
although I must admit I have also recently developed a thing for Fred from Angel too!!...
...oh and Faith rocks too....!!!....
But Willow/Aly is the queen babe!!
|
|
|
|
|
|
|
|
|
|
Sorry, I am newer hear.
and Try to test writing message
Develope yourself
|
|
|
|
|
Welcome to CodeProject If you're looking for a place to interact with the other CP members, check out the Lounge[^]
welcomes you
--Mike--
THERE IS NO THERE IS NO BUT THERE IS
MAGIC PIXIE DUST BUSINESS GENIE CODE PROJECT
Homepage | RightClick-Encrypt | 1ClickPicGrabber
"You have Erica on the brain" - Jon Sagara to me
|
|
|
|
|
anyway, your girl friend looks not bad
Have you ever study chinese?and what is the degree have you master it?
wish you make a tour in china with your lover, but not now because the SARS
|
|
|
|
|
Well, I hated my old picture, and I had this nice one of Alyson, so....
Marquis.D.J wrote:
Have you ever study chinese?and what is the degree have you master it?
I only studied for one year in college, and that was... oh man, now I feel old... 1993-94, so I've probably forgotten a lot by now.
I was talking with a friend of mine a few weeks ago about going to China (he was born in the US, but his parents are from Taiwan and he'd like to go to China) but the Gulf War II and SARS have put a damper on that for the time being.
--Mike--
THERE IS NO THERE IS NO BUT THERE IS
MAGIC PIXIE DUST BUSINESS GENIE CODE PROJECT
Homepage | RightClick-Encrypt | 1ClickPicGrabber
"You have Erica on the brain" - Jon Sagara to me
|
|
|
|
|
MSN's[^] tagline on their pages is "More Useful Everyday." Um, can the slogan writer please get his spelling right?
It should be "More Useful Every Day."
--Mike--
Just released - 1ClickPicGrabber - Grab & organize pictures from your favorite web pages, with 1 click!
My really out-of-date homepage
Sonork-100.19012 Acid_Helm
|
|
|
|
|
Hi Michael Dunn,
Thanks very much for ur 2 articles on Strings..appreciate them a lot
I will definitely read your other articles..
They are life savers..
Very good karma for you..
Regards,..
|
|
|
|
|
Never noticed that.
Regards,
Brian Dela
|
|
|
|
|
Michael Dunn wrote:
MSN's[^] tagline on their pages is "More Useful Everyday." Um, can the slogan writer please get his spelling right?
It should be "More Useful Every Day."
Hah! That is nothing. Have you seen the MSN8 adverts? I feel dirty just being on the same page as one of those ads. I mean, the guy is wearing a butterfly suit with dandelion feelers on his head...
If I was him I would get back in my cocoon and hope to god I came out as a caterpillar again.
Paul Watson Bluegrass Cape Town, South Africa
Ray Cassick wrote:
Well I am not female, not gay and I am not Paul Watson
|
|
|
|
|
Hey Michael???
Just noticed you've changed a bit on your profile pic... You on HRT?
Regards,
Brian Dela
Run naked in the snow until you're sweating like a stuck pig and can't seem to catch your breath. When the flu becomes pneumonia, they can cure that with a shot. - Roger Wright
|
|
|
|
|
HRT
I guess the answer's no... I just got tired of that picture (I never like how I look when I pose for a pic) and who better to have take my place than Aly
--Mike--
The Internet is a place where absolutely nothing happens.
-- Strong Bad
1ClickPicGrabber - Grab & organize pictures from your favorite web pages, with 1 click!
My really out-of-date homepage
Sonork-100.19012 Acid_Helm
|
|
|
|
|
Ah, now I remember: you were the guy who dresses up as Willow...
everytime I see your new profile pic I have Strongbad singing TROGDOR! THE BURNINATOR! in my head...
"Der Geist des Kriegers ist erwacht / Ich hab die Macht" StS
sighist | Agile Programming | doxygen
|
|
|
|
|