Super-brain hacker

Chapter 139 Stack Buffer Overflow

The next day, the school canteen.

The SAM trio gathered together for dinner again.

The scars on Arthur's and Matthew's faces were hard to notice unless you looked closely, and the swelling had completely gone down. Both of them praised Lin Hong's "Yunnan Baiyao" as miraculous.

On their table sat three TI-82 calculators. While eating, they glanced at the calculators from time to time, and sometimes looked at each other and smiled. Although their faces were tired, there was excitement and pride between their brows.

These were exactly the three calculators that had been successfully cracked!

After eating quickly, Matthew picked up his calculator, pressed a few keys, brought up a directory, and ran the program in it. The whole LCD screen refreshed, and a small black strip on the right side began to move slowly from right to left. Matthew turned the calculator on its side and began to play with relish.

Yesterday, the circuit diagrams of the TI-82 had been posted directly on the BBS, so the material mailed by Texas Instruments was actually of little significance now. The poster was an engineer at Texas Instruments. He answered many of the questions users raised and said that everyone was welcome to suggest improvements, which he would pass on to the company.

Because they had the diagrams in advance, cracking the calculator immediately became the center of their daily lives. The three of them, already worn out, were in no mood to sleep at all. They made an important decision: the calculator had to be cracked before the homecoming dance.

They divided the work. Matthew and Arthur were responsible for designing an interesting program or game, while Lin Hong was responsible for cracking the calculator. Once it was cracked, they would port the program to it, a great surprise for everyone.

Thanks to the groundwork laid by those BBS posts, Lin Hong was fairly confident about cracking the calculator. He finally asked Arthur to bring out the toolbox, took the calculator apart, and carefully studied its hardware against the circuit diagram.

In the end, Lin Hong decided there was no need to modify the calculator's hardware; he could break through the restrictions Texas Instruments had set entirely from the firmware side.

This was because of one particular post. A user described a phenomenon he had found: by pressing the keys in the order and manner he gave, the calculator could be put into a special mode, "DEBUG-N". However, his reply was soon buried under the replies that followed, and only a few people noticed it.

Because Lin Hong needed to crack the calculator, he paid closer attention to every reply in the thread, and he attached great importance to this one. He operated his own calculator in the order the user described, then connected it to the computer for a series of tests. To his surprise, he found that this mode appeared to be one the Texas Instruments engineers used for debugging during development. In this mode, the user had far more permission to operate on the calculator.

This was definitely good news. Lin Hong had originally thought the hardware would need to be changed, but now there was a way into this mode, and he could crack the calculator directly through loopholes in the software without touching the hardware.

After a night of struggle, Lin Hong finally succeeded.

He found a stack buffer overflow in the calculator's firmware, and through it he managed to write his own code into the device, breaking out of the operating space the firmware allowed users.

While a program runs, it needs somewhere to hold data temporarily. Usually a region of memory is allocated for this, commonly called a buffer.

Data in this region can be freely written and discarded, and it is not strictly protected. Outside the buffer lie other areas holding system and kernel data, which is very important to the system. Once that data is modified, the whole system may crash, or other unexpected results may occur.

Therefore those system kernel data areas are strictly restricted and protected, and users are not allowed to operate on them.

A stack is a special data structure characterized by last in, first out. It is like a dead-end alley: people file in one after another, stop entering when it is full, and then come out one by one, so the person who went in first comes out last. There are many examples of this in daily life. For example, when test papers are handed in, the one handed in first is usually the last the teacher sees. And in the old song-ordering systems at KTV, the person who ordered first sang last.

Reasonably, when the Texas Instruments engineers wrote the program, they should have checked the length of the data pushed onto the stack. Once the stack buffer was full, pushing had to stop, otherwise an overflow would occur.

In the stack buffer Lin Hong found, the engineer who wrote the code had not been rigorous and forgot to check the length, so Lin Hong kept pushing data in. When the buffer was full, he kept pushing, and the stack overflowed.

Overflow means that memory cells outside the stack buffer get overwritten, and if those cells hold useful data, the consequences are unpredictable. The most common is a program crash. Usually this only counts as a bug in the program, but when carefully designed data is pushed into such a buffer, it is no longer just a bug but a vulnerability a hacker can exploit.

Lin Hong carefully designed a small program and compiled it into machine code. First he pushed some meaningless filler data into the stack buffer he had found, having precisely calculated how much was needed; once that length was reached, he pushed in the data he had designed, so that it overflowed and overwrote the area beyond the buffer. That way, when the firmware reached that point, it would call his program and execute it...
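The technique described above, as an added example in C. This is not code from the novel, from Lin Hong, or from Texas Instruments' firmware; struct frame, unsafe_copy, safe_copy, build_payload and attacker_payload are all hypothetical names chosen for the illustration. A small struct models the stack frame: a fixed buffer followed by the slot holding the saved return address. The vulnerable copy trusts the caller's length, so an input of exactly the right amount of filler followed by a code address lands on that slot, and the "return" goes to the attacker's routine. The hardened copy checks the length first and refuses the oversized input. The filler length is computed from the frame layout, which is the number Lin Hong had to measure by trial and error.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stack frame (added illustration, not TI firmware): a small
 * input buffer followed by the slot that holds the saved return address.
 * On a real stack the return address sits just past the local buffer, so
 * a copy that runs off the end of buf lands on it. */
struct frame {
    unsigned char buf[8];
    void (*ret)(void);          /* stands in for the saved return address */
};

static int payload_ran;         /* set when control reaches the attacker's code */

void attacker_payload(void) { payload_ran = 1; }   /* the "designed" code */
void firmware_continue(void) { payload_ran = 0; }  /* where the routine should return */

/* The filler length the attacker must get exactly right: the distance from
 * the start of the buffer to the return slot. */
size_t padding_before_ret(void)
{
    return offsetof(struct frame, ret) - offsetof(struct frame, buf);
}

/* Builds the crafted input: filler up to the return slot, then the address
 * of the code to run.  Returns the payload length, or 0 if it does not fit. */
size_t build_payload(unsigned char *out, size_t cap, void (*target)(void))
{
    size_t pad = padding_before_ret();
    if (pad + sizeof target > cap)
        return 0;
    memset(out, 'A', pad);                        /* meaningless filler */
    memcpy(out + pad, &target, sizeof target);    /* lands on the return slot */
    return pad + sizeof target;
}

/* Vulnerable copy: trusts len, the missing check in the chapter.  It writes
 * through the frame's byte representation starting at buf, so every byte past
 * sizeof buf spills onto ret; nothing here stops len exceeding sizeof buf. */
void unsafe_copy(struct frame *f, const unsigned char *in, size_t len)
{
    unsigned char *dst = (unsigned char *)f + offsetof(struct frame, buf);
    for (size_t i = 0; i < len; i++)
        dst[i] = in[i];
}

/* Hardened copy: refuse anything longer than the buffer.  Returns -1 if rejected. */
int safe_copy(struct frame *f, const unsigned char *in, size_t len)
{
    if (len > sizeof f->buf)
        return -1;
    memcpy(f->buf, in, len);
    return 0;
}

/* Feed the payload to the vulnerable routine, then "return" through the frame.
 * Returns 1 if control was hijacked to attacker_payload. */
int run_overflow(void)
{
    struct frame f = { {0}, firmware_continue };
    unsigned char input[sizeof f];
    size_t n = build_payload(input, sizeof input, attacker_payload);
    payload_ran = 0;
    unsafe_copy(&f, input, n);
    f.ret();                    /* follows the overwritten return address */
    return payload_ran;
}

/* Same payload against the hardened routine.  Returns 1 if the write was
 * rejected, the return slot is intact and the payload never ran. */
int run_hardened(void)
{
    struct frame f = { {0}, firmware_continue };
    unsigned char input[sizeof f];
    size_t n = build_payload(input, sizeof input, attacker_payload);
    payload_ran = 0;
    int rc = safe_copy(&f, input, n);
    f.ret();                    /* still returns where the firmware intended */
    return rc == -1 && f.ret == firmware_continue && payload_ran == 0;
}

int main(void)
{
    printf("filler bytes needed: %zu\n", padding_before_ret());
    printf("vulnerable copy hijacked: %d\n", run_overflow());
    printf("hardened copy blocked:    %d\n", run_hardened());
    return 0;
}
```

The model deliberately writes through the struct's own bytes rather than running off the end of a real array, so it runs without undefined behaviour; on the actual hardware the same bytes would land on the saved return address in the same way. The two checks a practitioner would take away are in safe_copy (bound the copy by the destination size, never by the caller's length) and in padding_before_ret (the exploit only works once the distance to the return slot is known exactly, which is why the text describes dozens of trial runs).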

And so this tight fortress fell to Lin Hong.

The process sounds simple, but in fact Lin Hong arrived at it only after countless tests. Just to calculate the length of the stack buffer precisely, he repeated the data-entry process at least fifty times. The time and energy he spent getting his program to take over the firmware's flow of execution cannot be described in a few words.

After Lin Hong succeeded, he was so excited that he forgot the others could not, like him, go without sleep. He immediately knocked on Arthur's door. Fortunately, the two had only just fallen asleep, and when they heard that he had cracked the calculator so quickly, the two of them, who had been dozing and could barely open their eyes, suddenly perked up and threw off their sleepiness.

They wanted to see the result right away, but the next problem arose: there was no suitable software to run on it.

The two of them had discussed it for a long time and still could not decide what the first program should do. Arthur preferred practical software, such as something to help students with their schoolwork, while Matthew preferred to write an interesting game.

The two could not agree. Time passed in constant debate, and nothing got done.

Now the machine was ready, but there was no suitable software, which was really depressing.

At this point Matthew proposed writing a relatively simple game first, and Lin Hong and Arthur unanimously agreed.

The three of them discussed it and finally decided to port the game Tetris to the calculator.

Tetris is a classic game by the Soviet scientist Alexey Pajitnov. It looks simple but is endlessly varied and addictive. After its release in the United States in 1988 it was an immediate commercial success, welcomed by men and women, young and old, and it has become an extremely classic popular game that no other can match.

Arthur had developed this game himself before, while he was learning programming. With the source code ready, porting it would not be difficult.

So they moved to Lin Hong's room, because his machine could emulate the operating environment of the Z80 CPU. After simply modifying and optimizing the source program Arthur had written earlier, they compiled it into a file that could execute on the calculator, then transferred it to the calculator's storage through the data cable.

There were some problems in the first few runs, but that is normal. If you could port a program to another platform and succeed on the first try, it would be too much to believe. Even the best programmers sometimes make low-level mistakes, such as mistyping a variable name or forgetting a semicolon. It is a normal situation, as long as each one is fixed according to the debugging information.

That is what writing programs is like: debug, run, debug again...

Keep fighting all kinds of mistakes and bugs until the moment it finally runs smoothly!

After more than a dozen rounds of debugging and retransmitting the program, Arthur's Tetris finally ran smoothly on the TI-82!

Matthew grabbed the calculator first and began to play.

Tetris needs at most five keys: three arrow keys, one to rotate, and one to drop faster. The calculator has dozens of buttons, more than enough.

After playing for a while, Matthew found that because the calculator's display was too short, the pieces easily piled up to the top and the game was over.

So he suggested an improvement: rotate the display 90 degrees clockwise so that the pieces would have a much longer distance to fall, reducing the difficulty.

So, Arthur began to modify the source program of the game again...

Throughout the process Lin Hong did not intervene again; he just watched Arthur write the program.

Arthur's Tetris program was written in C. Lin Hong had not encountered this language until he came to the United States, so he was not very familiar with it. Watching Arthur constantly modify and debug today, he learned a lot.

He found that Arthur had some small programming habits worth learning from: commenting at key points, indenting code statements, and so on, all of which improved the readability of the code.

Near five o'clock in the morning, they finally decided on the final version of the Tetris game.

By then Arthur and Matthew, unlike Lin Hong, were exhausted and fell asleep on the spot.

That morning Arthur and Matthew could not make it to morning exercise; only Lin Hong went.