author | iximeow <me@iximeow.net> | 2018-01-03 04:30:20 -0800 |
---|---|---|
committer | iximeow <me@iximeow.net> | 2018-01-03 04:30:20 -0800 |
commit | 254e5affeb387f63fc74913f7806b3e144d0e4f6 (patch) | |
tree | 39b792cb88d47628c2423c8ebd7edaf67fe4571d /source/notes/star_trek_armada/sprintf_overflow | |
parent | b2074b0f9c3f0def3d6d66ef9b91d69bdd6a19ad (diff) |
add star trek armada notes
Diffstat (limited to 'source/notes/star_trek_armada/sprintf_overflow')
-rw-r--r-- | source/notes/star_trek_armada/sprintf_overflow | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/source/notes/star_trek_armada/sprintf_overflow b/source/notes/star_trek_armada/sprintf_overflow
new file mode 100644
index 0000000..0f65342
--- /dev/null
+++ b/source/notes/star_trek_armada/sprintf_overflow
@@ -0,0 +1,20 @@
+ [36m [0m[32m0x0043ff4d[0m [37m8d[37m85[37md0[37mfd[31mff[31mff[0m [37mlea[36m eax[0m,[36m [0m[[36mebp [0m-[36m[36m [33m0x230[0m][36m[0m[0m[0m
+ [36m [0m[32m0x0043ff53[0m [33m68[37m04[37m01[32m00[32m00[0m [35mpush[36m [33m0x104[0m[0m[0m
+ [36m [0m[32m0x0043ff58[0m [33m50[0m [35mpush[36m eax[0m[0m[0m
+ [36m [0m[32m0x0043ff59[0m [31mff[37m15[37m80[36m7f[33m6d[32m00[0m [1;32mcall dword [sym.imp.MSVCRT.dll__getcwd][0m[31m ; 0x6d7f80[0m
+ [36m [0m[32m0x0043ff5f[0m [37m83[37mc4[37m10[0m [33madd[36m esp[0m,[36m[36m [33m0x10[0m[0m[0m
+ [36m [0m[32m0x0043ff62[0m [37m85[37mc0[0m [36mtest[36m eax[0m,[36m[36m eax[0m[0m[0m
+ [36m ,=< [0m[32m0x0043ff64[0m [33m74[33m3c[0m [32mje 0x43ffa2[0m[0m
+ [36m | [0m[32m0x0043ff66[0m [33m68[33m6c[37maa[33m5f[32m00[0m [35mpush[36m [33mstr.PATH[0m[0m[31m ; 0x5faa6c[31m ; "PATH"[0m
+ [36m | [0m[32m0x0043ff6b[0m [31mff[37m15[37m84[36m7f[33m6d[32m00[0m [1;32mcall dword [sym.imp.MSVCRT.dll_getenv][0m[31m ; 0x6d7f84[31m ; "x\xb9-"[0m
+ [36m | [0m[32m0x0043ff71[0m [37m8d[37m8d[37md0[37mfd[31mff[31mff[0m [37mlea[36m ecx[0m,[36m [0m[[36mebp [0m-[36m[36m [33m0x230[0m][36m[0m[0m[0m
+ [36m | [0m[32m0x0043ff77[0m [37m8d[37m95[37md0[37mfd[31mff[31mff[0m [37mlea[36m edx[0m,[36m [0m[[36mebp [0m-[36m[36m [33m0x230[0m][36m[0m[0m[0m
+ [36m | [0m[32m0x0043ff7d[0m [33m51[0m [35mpush[36m ecx[0m[0m[0m
+ [36m | [0m[32m0x0043ff7e[0m [33m52[0m [35mpush[36m edx[0m[0m[0m
+ [36m | [0m[32m0x0043ff7f[0m [33m50[0m [35mpush[36m eax[0m[0m[0m
+ [36m | [0m[32m0x0043ff80[0m [37m8d[37m85[37md0[37mfb[31mff[31mff[0m [37mlea[36m eax[0m,[36m [0m[[36mebp [0m-[36m[36m [33m0x430[0m][36m[0m[0m[0m
+ [36m | [0m[32m0x0043ff86[0m [33m68[33m74[37maa[33m5f[32m00[0m [35mpush[36m [33mstr.PATH__s__s_AI__s_Missions_[0m[0m[31m ; 0x5faa74[31m ; "PATH=%s;%s\\AI;%s\\Missions;"[0m
+ [36m | [0m[32m0x0043ff8b[0m [33m50[0m [35mpush[36m eax[0m[0m[0m
+ [36m | [0m[32m0x0043ff8c[0m [31mff[37m15[37mdc[36m7f[33m6d[32m00[0m [1;32mcall dword [sym.imp.MSVCRT.dll_sprintf][0m[31m ; 0x6d7fdc[31m ; 
"v\xb8-"[0m
+ [36m | [0m[32m0x0043ff92[0m [37m8d[37m8d[37md0[37mfb[31mff[31mff[0m [37mlea[36m ecx[0m,[36m [0m[[36mebp [0m-[36m[36m [33m0x430[0m][36m[0m[0m[0m
+ [36m | [0m[32m0x0043ff98[0m [33m51[0m [35mpush[36m ecx[0m[0m[0m |
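Review bot: The listing carries no annotation of why it matters, so a reader has to reconstruct the buffer sizes from the operands: the `sprintf` at 0x0043ff8c writes to `[ebp - 0x430]`, which sits only 0x200 bytes below the `_getcwd` buffer at `[ebp - 0x230]`, while the format `"PATH=%s;%s\\AI;%s\\Missions;"` takes the unchecked `getenv("PATH")` result plus the cwd (capped at 0x104 by the `_getcwd` call) twice. I would add a header comment such as `; dest [ebp-0x430] appears to be 0x200 bytes; PATH length is unchecked and cwd (<= 0x104) is written twice, so sprintf can write past it`, and record the fix direction next to it: a length-bounded call (`_snprintf` with the destination size, with truncation treated as an error). The raw ANSI colour codes should also be stripped before committing (if this came from radare2, `e scr.color=0` before dumping), since they make the note hard to read and grep. The disassembly starts and ends mid-function, so the true size of the destination and what consumes it after 0x0043ff98 are outside the hunk and the 0x200 figure is inferred from the frame offsets only.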