Security practice (contest)

conceited

I'm coding my program in nasm so it's going to take alot longer.I've everything figured out now just to finish my network coding.

h57xiucj2z946q

cool, look forward to your results.

conceited

Hows everyone else getting on ?

h57xiucj2z946q

I think you and Average Joe are the only ones interested in it.

conceited

Livewire,
gerryk,
challengemaster,
DexIsI,
lordlame,
acidstorm,
C\m\C,
Stamen

Martyr

i haven't done anything with it since saturday night, but all that was left to do with the code i posted was add shellcode and a memory address.
if i get a chance tonight, i'll try finish it.

h57xiucj2z946q

Anyone got any results go post? If not, I'll have a report up soon.

conceited

Might aswell give it the full week damo. I will have it done before it ends.:pac:

knuth

haven't been near the beer in awhile

h57xiucj2z946q

are you trying it lordlame?
I was on a session at the weekend :-)

conceited

What do you think of this?
http://homepage.eircom.net/~petcdsl/hack2.htm
Is it over the top doing a video of the code etc.
:pac:

h57xiucj2z946q

No, I think its a very good idea.

livewire2k

ok this challeneg is a bit harder, u have to write ur own explot, when i was trying to crack this little app winXp did noting but crash on me, so i had to reboot a lot.Was chating to Damo about it, in xp u have to turn off dep heres a link to tell u how http://www.tech-recipes.com/windows_tips566.html.

ok chat yas l8r
peace livewire!

btw i might hold the next challege (make it a linux one)

conceited

I'm going to finish off my comments in my code. Make a little video and post it up on the last day which is saturday right?

livewire2k I don't see how dep affects this program.

h57xiucj2z946q

DEP affects the execution of code from stack/heap, maybe he's talking in relation to shell code, I dunno, but I don't know if DEP causes a OS crash on a given scenario such as this challenge.

conceited

I thought dep on windows was only to do with the seh as it's only software based not hardware right?I don't see either how it can crash xp.Correct me if im wrong.

h57xiucj2z946q

DEP has hardware support also for compliant hardwares.

conceited

Ya but on xp it's only software as far as I can see.Shouldn't affect the overflow anyway.

h57xiucj2z946q

I think he's got it working now anyway.

Martyr

so its over?
did you get your name into file on desktop, conceited?

h57xiucj2z946q

No the server is up till saturday.

Martyr

Great! i'll still have a go before then.

h57xiucj2z946q

yup give it a lash

Martyr

is the port still open?
in an internet cafe, maybe they have it blocked here.

h57xiucj2z946q

it should be, but its conceited that's hosting it.

Martyr

ok, i can't access it from here anyway..

tested my code on winxp sp3 32-bit + winxp 64-bit, and both worked fine, i'm guessing it will work fine on win2k sp4 too..

couldn't test this on win2k, had an old laptop with it installed which died on me durin the week.

h57xiucj2z946q

if your doing the same method as me, then your return address is all that needs to be changed for win2k sp4

Martyr

just connected from a different place, can you check the administrators desktop? because the assembly code only executes a command creating sec_practice.txt

if your doing the same method as me, then your return address is all that needs to be changed for win2k sp4

i'm using address that *should* be the same on all operating systems (except code uses PEB, so obviously won't work on 9x/NT) but i still haven't tested + confirmed it to work on win2k.

exploit sent, so let me know if it worked or not..if not, thats all i'm doin.

conceited

Hi Joe ,

I just had a look at the server and nothing new is on the desktop unfortunately.

Martyr

hmm, well what time is the server being taken down?
i might still have time to re-install win2k on another computer..