Saturday, April 30, 2016

Overthewire: Behemoth

Behemoth is the next suggested level after narnia, while it still binary exploitation it does not provide the source code of the challenges. Thus requiring users to read the assembly code.

Behemoth0:
ltrace, strings

Behemoth1:
Shellcode Injections , buffer overflow



Behemoth2:
Absolute adressing


Just a comment :
Reading the main code this time we can see that that canary protection has been activated. You can see this using the following code

   0x08048579 <+12>:    mov    %gs:0x14,%eax
   0x0804857f <+18>:    mov    %eax,0x9c(%esp)
   0x08048586 <+25>:    xor    %eax,%eax

    0x08048620 <+179>:    mov    0x9c(%esp),%edx
   0x08048627 <+186>:    xor    %gs:0x14,%edx
   0x0804862e <+193>:    je     0x8048635 <main+200>
   0x08048630 <+195>:    call   0x80483f0 <__stack_chk_fail@plt>

Posted by at No comments:
Labels:

Sunday, April 24, 2016

OvertheWire: Narnia

I realised while solving the challenges is that sometimes you just want a little bit hint and not a complete walkthrough , So I am listing hints for narnia challenges

These challenges are based on C fundamentals and binary exploitation techniques which usually direct implementation in many cases. 



Level0 :
DIY

Narnia1:
Shellcode in environment variable

Narnia2:
Buffer Overflow + Shellcode

Narnia3:
Buffer Overflow , symlinks

Narnia4:
No hints for this

Narnia5:
https://www.owasp.org/index.php/Format_string_attack
http://forum.ouah.org/FormatString.PDF

Narnia6:
Function Pointer can be overwritten
https://www.exploit-db.com/docs/28553.pdf

Narnia7:
Format String Vulnerability
ltrace

Narnia8:
 


If you want more detailed explanation or have any doubts or are stuck somewhere , welcome to comment below.


Posted by at 1 comment:
Labels:

Tuesday, February 16, 2016

PCA in matlab

Here is a great introduction to PCA for beginners and I can't do better than this Princeton PCA

After reading this I was a bit confused on how to apply this in my matlab code. Let's go through it

    
    [eigenvectors,score,latent] = pca(md);
    md = md * eigenvectors(:,1:10);
    fprintf('Eigenvalues for the data \n');
    disp(latent);

Here md contains my data, suppose that is a matrix of size 10000 x 15 . Now generally I should do some analysis on the variances of eigenvectors before selecting the final dimension that I want. But let's just say that I want 10 .

eigenvectors is a 15 x 15 matrix whose columns are my eigenvectors. Now I project my original data onto the space given by this and get the reduced matrix in md.
Posted by at No comments:

Sunday, January 31, 2016

Elementary OS with ASUS zenbook

So I recently bought a Asus Zenbook UX305LA FC004T. It's in the same price range of a macbook air but with higher specs. Lookwise it looks like a macbook air copy and comes with a Windows 10 pre-installed.

But for people like who need a linux distro, elementary OS is the upcoming OS who is taking the world by a storm. You will defintely like its UI and its a good combination with Asus Zenbook.

My reviews with the combinations
1. Battery life is about 8hrs with full charge and moderate use, should be more for windows
2. Speakers are very low volume there are few hacks suggested for this.
3. Screen is good and its pretty lighweight and sturdy, my friend sat on it accidentally , still all is good.

Compared with macbook air which comes in the same price range I don't know how this device would fare, but given the extra 128 gb and extra 4gigs ram this seems the better choice.


Few things that I did to install Elementary OS

After dual booting my PC with Freya, I did the following
sudo apt-get install ubuntu-restricted-extras
Run a sudo apt-get update before and enable the canonical partners repository.

Following tools are a must

  • Synapse, a semantic serach engine it makes life beautiful when using linux 
  • Elementary Tweaks
  • Glipper, saves the content of your copyboard
  • KeePassX, saves the mundane password and the touble of filling them
Posted by at No comments:

Monday, January 25, 2016

Becoming better with vim

These are the things that I learn while on my vim journey

Here is good list of articles that you should read, to start with this is an excellent cheat sheet for vim

A Introductory cheatsheet, do this before going to another

http://www.viemu.com/a_vi_vim_graphical_cheat_sheet_tutorial.html

Then these articles are helpful

Moolenar : Good Vim Habits

ctags, is a very good tool for navigating through big projects.

Here is another very good blog about learning vim
http://yannesposito.com/Scratch/en/blog/Learn-Vim-Progressively/

definitely do the above before moving on.

Next steps after learning these shortcuts is having a good .vimrc file, which is basically a configuration file for your vim( stored in the HOME directory). You can search for popular .vimrc on the net. I'll list a few that I find good

Plugins , now as suggested by a friend I started using vundle , which is a vim plugin manager.
 


Posted by at No comments:

Monday, November 23, 2015

Minimum No. of Jumps

Given an array of non-negative integers, you are initially positioned at the first index of the array.
Each element in the array represents your maximum jump length at that position.
Your goal is to reach the last index in the minimum number of jumps.
Example :
Given array A = [2,3,1,1,4]
The minimum number of jumps to reach the last index is 2. (Jump 1 step from index 0 to 1, then 3 steps to the last index.)
If it is not possible to reach the end index, return -1.

 Follow this link to read a O(n^2) solution GeeksforGeeks: Minimum number of jumps

Read my O(n) solution below

Posted by at No comments:
Labels:

Sunday, October 11, 2015

Maximum Product Subarray

One of the standard dp problems, the approach given below is similar to kadane algorithm for maximum subarray sum problem. The code given below fails when negative output is the max possible. For example the input

Input : -4


Comments are welcome.
Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)