Search Results

Search found 1086 results on 44 pages for 'thegooduser sp'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 23/44 | < Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >

  • Jumping into argv?

    - by jth
    Hi, I`am experimenting with shellcode and stumbled upon the nop-slide technique. I wrote a little tool that takes buffer-size as a parameter and constructs a buffer like this: [ NOP | SC | RET ], with NOP taking half of the buffer, followed by the shellcode and the rest filled with the (guessed) return address. Its very similar to the tool aleph1 described in his famous paper. My vulnerable test-app is the same as in his paper: int main(int argc, char **argv) { char little_array[512]; if(argc>1) strcpy(little_array,argv[1]); return 0; } I tested it and well, it works: jth@insecure:~/no_nx_no_aslr$ ./victim $(./exploit 604 0) $ exit But honestly, I have no idea why. Okay, the saved eip was overwritten as intended, but instead of jumping somewhere into the buffer, it jumped into argv, I think. gdb showed up the following addresses before strcpy() was called: (gdb) i f Stack level 0, frame at 0xbffff1f0: eip = 0x80483ed in main (victim.c:7); saved eip 0x154b56 source language c. Arglist at 0xbffff1e8, args: argc=2, argv=0xbffff294 Locals at 0xbffff1e8, Previous frame's sp is 0xbffff1f0 Saved registers: ebp at 0xbffff1e8, eip at 0xbffff1ec Address of little_array: (gdb) print &little_array[0] $1 = 0xbfffefe8 "\020" After strcpy(): (gdb) i f Stack level 0, frame at 0xbffff1f0: eip = 0x804840d in main (victim.c:10); saved eip 0xbffff458 source language c. Arglist at 0xbffff1e8, args: argc=-1073744808, argv=0xbffff458 Locals at 0xbffff1e8, Previous frame's sp is 0xbffff1f0 Saved registers: ebp at 0xbffff1e8, eip at 0xbffff1ec So, what happened here? I used a 604 byte buffer to overflow little_array, so he certainly overwrote saved ebp, saved eip and argc and also argv with the guessed address 0xbffff458. Then, after returning, EIP pointed at 0xbffff458. But little_buffer resides at 0xbfffefe8, that`s a difference of 1136 byte, so he certainly isn't executing little_array. I followed execution with the stepi command and well, at 0xbffff458 and onwards, he executes NOPs and reaches the shellcode. I'am not quite sure why this is happening. First of all, am I correct that he executes my shellcode in argv, not little_array? And where does the loader(?) place argv onto the stack? I thought it follows immediately after argc, but between argc and 0xbffff458, there is a gap of 620 bytes. How is it possible that he successfully "lands" in the NOP-Pad at Address 0xbffff458, which is way above the saved eip at 0xbffff1ec? Can someone clarify this? I have actually no idea why this is working. My test-machine is an Ubuntu 9.10 32-Bit Machine without ASLR. victim has an executable stack, set with execstack -s. Thanks in advance.

    Read the article

  • In chrome with a greasemonkey extension, how can I modify an `<a...>` construct to strip out the onc

    - by Ross Rogers
    I want to modify an internal webpage to strip away some of the onclick behavior of certain links. The internal webpage has a bunch of links like: <a href="/slm/detail/ar/3116370" onclick="rallyPorthole.showDetail('/ar/view.sp','3116370','pj/b');return false;">foo de fa fa</a> How can I do an extension to Chrome so it does the following: for link in all_links: if link's href attribute matches '/slm/detail/ar/...': remove the onclick attribute

    Read the article

  • Stored procedure with output parameters vs. table-valued function?

    - by abatishchev
    Which approach is better to use if I need a member (sp or func) returning 2 parameters: CREATE PROCEDURE Test @in INT, @outID INT OUT, @amount DECIMAL OUT AS BEGIN ... END or CREATE FUNCTION Test ( @in INT ) RETURNS @ret TABLE (outID INT, amount DECIMAL) AS BEGIN ... END What are pros and cons of each approach considering that the result will passed to another stored procedure: EXEC Foobar @outID, @outAmount

    Read the article

  • Dynamic sql vs stored procedures - pros and cons?

    - by skyeagle
    I have read many strong views (both for and against) SPs or DS. I am writing a query engine in C++ (mySQL backend for now, though I may decide to go with a C++ ORM). I cant decide whether to write a SP, or to dynamically creat the SQL and send the query to the db engine.# Any tips on how to decide?

    Read the article

  • Sprite not moving when using a function from another class SFML c++

    - by user2892932
    I have a Game.cpp, and I am calling a update function in my Player class. In my player update Function I have it to check for keyboard input, and it seems to work, but whenever I try to call the .move() function, it seems to not work. I get no errors either. I am new to sfml, and decent with c++. Help is appreciated! #include "Player.h" Player::Player(void): vel(0), maxvel(100) { Load("Assets/sss.png",true); } void Player::Update(sf::Sprite& p) { if (sf::Keyboard::isKeyPressed(sf::Keyboard::A)) { moveObject(-3,0, p); } if(sf::Keyboard::isKeyPressed(sf::Keyboard::D)) { moveObject(-3,0, p); } } Player::~Player(void) { } This is the GameObject cpp #include "GameObject.h" #include <iostream> GameObject::GameObject(void) { isLoaded = false; } void GameObject::Load(std::string flname, bool isPlayer) { if(!tex.loadFromFile(flname)) { EXIT_FAILURE; } else { if(isPlayer) { if(!tex.loadFromFile(flname, sf::IntRect(0,0,33,33))) { EXIT_FAILURE; } else { std::cout << "Loading image" << "\n"; filename = flname; spr.setTexture(tex); isLoaded = true; } } else { std::cout << "Loading image" << "\n"; filename = flname; spr.setTexture(tex); isLoaded = true; } } } void GameObject::Draw(sf::RenderWindow & window) { if(isLoaded) { window.draw(spr); window.display(); std::cout << "Sprite drew" << "\n"; } } void GameObject::setPos(float x, float y) { if(isLoaded) { spr.setPosition(x,y); } } sf::Vector2f GameObject::GetObjPos() { return spr.getPosition(); } sf::Sprite& GameObject::getSprite() { return spr; } void GameObject::moveObject(float x, float y, sf::Sprite& sp) { sp.move(x, y); } GameObject::~GameObject(void) { }

    Read the article

  • Global temporary tables getting data from different session in Oracle

    - by Omnipresent
    We have a stored procedure in Oracle that uses global temporary tables. In most of our other stored procedures, first thing we do is delete data from global temporary tables. However, in few of the stored procedures we do not have the delete's. Are there any other options other than adding the delete statements? Can something be done on the Server side to forcefully delete data from those temporary tables when that SP is ran?

    Read the article

  • How can I make exception handling for all existing SQL server 2005 Stored Procedures, view and funct

    - by Space Cracker
    we have a portal that have SQL server 2005 database that contain about 1750 stored procedures , 250 view and 200 function and 95% of them not have handling exception in their code .. we search about any way that allow us making such a global exception handling in SQL that receive any exception happen in any SP,view or function and stored it in a table we made .. is there something like this in SQL server 2005 or we must write exception handling code on each item ?

    Read the article

  • Ms Access DB used by website

    - by Steven
    Hi Guys, I have been asked to update a legacy website. I was originally build in asp using a MS Access DB to store some user details. However I am aware that the DB can be downloaded if you use the correct url. What is the best way to stop this without stopping the website having access to the DB? Thanks Sp

    Read the article

  • Select a column returned by a stored procedure

    - by vaibhav
    I have a stored procedure which is returning me about 50 columns. I want to write a query, where I will be able to select a particular column from the list of column returned by the SP. I tried writing select RSA_ID from exec(uspRisksEditSelect '1') But Its throwing me an error. I think we need to write some dynamic sql for it. But I am new to it.

    Read the article

  • Way to partialy match a Ruby string using Regexp

    - by Fabiano PS
    I'm working on 2 cases: assume I have those var: a = "hello" b = "hello-SP" b = "not_hello" 1 - Any partial matches I want to accept any string that has the var a inside, so b and c would match. 2 - Patterned match I want to match a string that has a inside, followed by '-', so b would match, c does not. I am having problem, because I always used the syntax /expression/ to define Regexp, so how dinamicaly define an RegExp on Ruby??

    Read the article

  • SharePoint Designer for Mac?

    - by Glen Hunt
    I'm looking for some way of editing SharePoint ASPX pages on my Mac, using either a local text editor or some kind of remote-into-the-SP-server solution (like emacs with tramp). I know that Cyberduck has the ability to open WebDAV servers with NTLM authentication, but I've been unable to get that to work. So far, the only solution I've found is to use a remote desktop connection to a Windows Server, and run SharePoint Designer from there. Anyone know of either a better method, or a SharePoint Designer alternative?

    Read the article

  • Load Balancer Timeout

    - by Anilkumar
    "This website is temporarily unavailable. Please check back later. Unfortunately there were no suitable nodes available to serve this request." When I request a stored procedure from my program (SP is taking 2 minutes to execute) the above error is getting. I believe this is because of Load balancer Time out. How we can increment the load balancer time out.

    Read the article

  • How to identify document in SharePoint

    - by saveug
    You can put your documents in SP - cool, but, when its time to reorganize folders structure what I should do with old links? Is there a way how to identify document instead of using URL where path to the document is used? I need something like permanent link: http://mysharepoint/doc-123, where 123 is the document identifier. I need URL to the document which doesn't depend on folders where the document is published. Are there solutions?

    Read the article

  • Why (and when to) use stored procedures?

    - by mr.b
    What would be appropriate scenario when stored procedures should be used? I stumbled upon implementation where almost whole data manipulation was handled by store procedures, even simplest form of INSERT/DELETE statements were wrapped and used via SP's. So, what's the rationale for using stored procedures in general? Sorry for such a beginners question..

    Read the article

  • Can I lock tables in an IF statement in MySQL?

    - by MalcomTucker
    This is throwing a syntax error - --from body of a stored proc IF (name = in_name) SET out_id = temp; ELSE LOCK TABLE People WRITE; INSERT INTO People (Name) VALUES (in_name); UNLOCK TABLE; SELECT LAST_INSERT_ID() INTO out_id END IF do I have to lock any tables I need at the start of the SP?

    Read the article

  • Knowing the type of the stored proc when invoking from C#

    - by dotnetdev
    I am making a windows service to be able to run operations on a sql server database (insert, edit, etc) and invoke Stored Procs. However, is there a way for me to know the type of the SP? When invoking from C#, I need to knof if it is returning 1 value, or more, or none (so I can use executereader, scalar, etc)? Thanks

    Read the article

  • How to treat 64-bit words on a CUDA device?

    - by pikkio
    Hi, I'd like to handle directly 64-bit words on the CUDA platform (eg. uint64_t vars). I understand, however, that addressing space, registers and the SP architecture are all 32-bit based. I actually found this to work correctly (on my CUDA cc1.1 card): __global__ void test64Kernel( uint64_t *word ) { (*word) <<= 56; } but I don't know, for example, how this affects registers usage and the operations per clock cycle count.

    Read the article

  • Adobe 9 Check box required field

    - by Steven
    Hi, I've created reports in Adboe that have checkobxes and set then to required fields. But when i click the submit button all fields but the check boxes are validated. I.e If i dont complete the required textbox field the report will not submit, but when i do and the required checkbox fields are not checked it still submits. This only appears to be happening on Adobe 9 Any ideas? Thanks Sp

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >