Extbasic 1

Learn how to do code review

Extbasic 1

Post by 2bitmarksman on Tue May 13, 2008 4:46 pm
([msg=2375]see Extbasic 1[/msg])

I'm having a bit of trouble understanding what we are supposted to do in Extbasic 1. Are we entering a variable name? Are typing in code that outputs a variable value? Are we reentering that line of code to something that will crash it? Anyone mind clarifying?
2bitmarksman
New User
New User
 
Posts: 1
Joined: Wed Apr 23, 2008 11:40 am
Blog: View Blog (0)


Re: Extbasic 1

Post by novalyphe on Thu May 15, 2008 7:17 am
([msg=2504]see Re: Extbasic 1[/msg])

The value you put in is used as the value for the function.

Your aim is to enter something which will cause it to crash.
novalyphe
Experienced User
Experienced User
 
Posts: 51
Joined: Mon Apr 14, 2008 11:15 am
Blog: View Blog (0)


Re: Extbasic 1

Post by lambda0 on Sun May 18, 2008 11:06 am
([msg=2734]see Re: Extbasic 1[/msg])

Perhaps reading the tutorial will clear things up a bit :/
User avatar
lambda0
New User
New User
 
Posts: 20
Joined: Sun May 04, 2008 7:00 am
Blog: View Blog (0)


Re: Extbasic 1

Post by T3hR34p3r on Thu Jul 03, 2008 4:11 am
([msg=6433]see Re: Extbasic 1[/msg])

You are putting in a line of code that the script will read it. The script will read it, process it, and then display the length of the string that YOU put inside of it.
They call me Ishmael... I'm not sure why.
User avatar
T3hR34p3r
Experienced User
Experienced User
 
Posts: 87
Joined: Sun May 18, 2008 2:23 am
Blog: View Blog (0)


Re: Extbasic 1

Post by somand on Mon Sep 01, 2008 8:23 am
([msg=10755]see Re: Extbasic 1[/msg])

:| I just passed the mission...but.... I don't know how. I crashed the program of course, but I would like to know what is the best method to do it, could anyone PM me?
somand
New User
New User
 
Posts: 2
Joined: Mon Sep 01, 2008 7:38 am
Blog: View Blog (0)


Re: Extbasic 1

Post by southafrica1 on Fri Oct 24, 2008 3:23 pm
([msg=14036]see Re: Extbasic 1[/msg])

o.k this should help. strcpy is probably the most dangerous command in C. You don't have to enter a command into the box. try to call an element of the array with an index higher than the max set when declaring the array. But you must look at the variable char. char stores a single character such as 1. So if I type 100 in the box it does not mean the value 100 but the value 3 because there are 3 characters in 100.

so you must find out what the max was set at and exceed it by using single characters.(d=1, dd=2 and so on)
southafrica1
New User
New User
 
Posts: 6
Joined: Fri Jul 04, 2008 8:39 am
Location: South Africa
Blog: View Blog (0)


Re: Extbasic 1

Post by goluhaque on Fri May 08, 2009 5:13 am
([msg=23379]see Re: Extbasic 1[/msg])

Wat I don't understand is dat whenever I put in a String in the box & click on "Check", the mission page reloads without the anser. Is it a bug or just a part of the mission?

-- Fri May 08, 2009 3:45 pm --

Wat I don't understand is dat whenever I put in a String in the box & click on "Check", the mission page reloads without the anser. Is it a bug or just a part of the mission?
(23:45:03) hauk: I guess you are over the best part of your life when 4-year-olds say "Are you an evil man?"
(23:46:19) hauk: and "Ima punch you in the pecker"
User avatar
goluhaque
Poster
Poster
 
Posts: 153
Joined: Mon Apr 13, 2009 12:08 am
Location: India
Blog: View Blog (0)


Re: Extbasic 1

Post by ManOfWar on Sat Jun 13, 2009 5:56 am
([msg=25305]see Re: Extbasic 1[/msg])

Alright, my first posting, so I'll try to be as discreet and helpful as possible. Southafrica1 is dead on with his advice. If you read what he posted, you should be able to solve this mission. Remember, the objective of these missions is to LEARN the reasoning behind it, not just knock it out.

Examine the code:
Code: Select all
void blah(char *str) { char lol[200]; strcpy(lol, str); }


Get a grasp for what this code does (remember, google is your friend!). Once you know what this code is doing, you need to find your way to exploit it. Unfortunately, this won't be accomplished by adding code (to the best of my knowledge), as whatever you enter will be a string. This means we will have to find a way to exploit our data type. Once you have an idea of where we're at, the best course of action would be to insert an illegal value into our data type. Remember, if you really want the value out of this mission, you'll do your research. I personally have VERY little experience in C++, and none in C (apart from some similarity between the two). 5 - 10 minutes of reading should be all it takes to learn what you need to know to tackle this mission. Between the information southafrica1 and myself provided, you should have a good idea where to start learning. Apologies if this contains spoilers, I personally just see it as a launch pad for learning the basics.
ManOfWar
New User
New User
 
Posts: 2
Joined: Sat Jun 13, 2009 5:29 am
Blog: View Blog (0)


Re: Extbasic 1

Post by Chuck_Norris_RHK on Mon Jun 22, 2009 12:03 am
([msg=25720]see Re: Extbasic 1[/msg])

Examine the code.
Code: Select all
void blah(char *str) { char lol[200]; strcpy(lol, str); }

Look at 'char lol[200]' The answer is right there. (Obviously the answer is not 'char lol[200]' :P)

I am well aware no one has posted on this for 10days, but I'm sure I could help. :P
Chuck_Norris_RHK
New User
New User
 
Posts: 1
Joined: Sun Jun 21, 2009 11:59 pm
Blog: View Blog (0)


Re: Extbasic 1

Post by code2004 on Thu Jul 23, 2009 6:16 pm
([msg=27303]see Re: Extbasic 1[/msg])

Um yeah, I managed to finish this level... I don't know how, because I didn't enter the right code. I know how to complete this, but would someone tell me how I accidentally completed this... (!?!??!?) xD

Code
Image
.............................H..o.....i..l.....C..u..o..r..e.....S..p..e..z..z..a..t..o.............................
User avatar
code2004
New User
New User
 
Posts: 36
Joined: Sat Jun 13, 2009 5:23 am
Blog: View Blog (0)


Next

Return to Extended Basics

Who is online

Users browsing this forum: No registered users and 0 guests

cron