Stack Warmup #5: Solution! – Part 2
May 26, 2010
Hello again, last post about abo #5 we have talked about leave and ret instruction and trace our goal path. Today, I’m gonna do my best to implement it and to force the application to do what we want.
Stack Warmup #5: Solution! – Part 1
May 17, 2010
At the begginning I got the impression that abo#5 will be a pice of cake.. so I sat on this for a couple of weeks confident in my prediction.
Today I picked it up just for noticing that I was WRONG! Abo #4 and Abo #5 are really difficult, and 5 “requires” 4′s solution. Today, I’m gonna solve Abo #5, well… I’ll try to give the basic ideas for my solution and on part 2 I’ll complete the explanation 
/* stack5.c *
* specially crafted to feed your brain by gera */
int main() {
int cookie;
char buf[80];
printf("buf: %08x cookie: %08x\n", &buf, &cookie);
gets(buf);
if (cookie == 0x000a0d00)
printf("you lose!\n");
}
Where is the “you win!” string? It says you lose! There are not way to win!!!!! Wait, we are trying to be hackers so we should think a path to print you win!
