[06:44] <andrewlsd> Morning #ubuntu-za
[06:48] <nsnzero> morning andrewlsd 
[06:48] <andrewlsd> \o nsnzero
[07:17] <theblazehen> Hi all
[07:18] <andrewlsd> o/ theblazehen
[07:38] <Kilos> morning andrewlsd paddatrapper nsnzero smile divansantana_ ambo theblazehen thatgraemeguy tumbleweed and other lurking types
[07:38] <Kilos> oh and of course old inetpro 
[07:39] <Kilos> and MaNI 
[07:39] <inetpro> oh hi Kilos
[07:39] <Kilos> haha
[07:39] <inetpro> and good mornings to all else
[07:40] <Kilos> running the router off the ups works, now just still to see how long it can power a batteryless lappy and the router
[07:41] <thatgraemeguy> morning peoples
[07:47] <pavlushka> Mornings
[07:47] <pavlushka> :p
[07:48] <paddatrapper> Morning Kilos, inetpro, thatgraemeguy, pavlushka
[07:49] <pavlushka> Hey paddatrapper, how is it going?
[07:52] <andrewlsd> Morning Kilos thatgraemeguy pavlushka pavlushka inetpro
[08:03] <Kilos> hmm... stuttering a bit there
[08:10] <theblazehen> Can I just brag for a second here? http://imgur.com/a/hI95e Maybe it isn't that impressive, but it is for me
[08:11] <theblazehen> Took most of my afternoon yesterday to get it working though...
[08:13] <magespawn> good morning all
[08:13] <theblazehen> hi magespawn
[08:40] <nsnzero> awesome stuff theblazehen - but what is it ? 
[08:41] <theblazehen> nsnzero: Shellcode execution from a buffer overflow :D
[08:43] <theblazehen> Basically just a NOP sled, then my code, then overwriting the return address of the strcpy into my buffer, (Think it was the strcpy at least, pretty sure it was)
[08:43] <theblazehen> I never thought I'd ever get to writing assembly myself... Nevermind exploiting a buffer overflow with it
[08:44] <nsnzero> now i see it .... impressive indeed
[08:44] <theblazehen> ty nsnzero :)
[08:45] <theblazehen> nsnzero: It's just level 2 of http://overthewire.org/wargames/narnia though, and with ASLR, stack protection, etc disabled
[08:47] <theblazehen> Still, from having no experience with assembly, except for "This looks hard...", to getting it to run by exploiting a buffer overflow is kinda cool
[08:58] <magespawn> hi theblazehen, does it gain you a privilege escalation?
[08:59] <theblazehen> hi magespawn. If it's a setuid binary (which it is), yes. Or if you have a restricted shell it could give you an unrestricted shell if it isn't setuid. Or if you have a sudoers rule for that single application
[09:01] <theblazehen> You can see how I was narnia2, binary was setuid narnia3, and I became narnia3
[09:53] <magespawn> theblazehen: i did not see the original post :)
[09:58] <nsnzero> theblazehen: that's a nice tutorial site btw - do you need to sign up first to play ?
[09:58] <nsnzero> hi magespawn 
[10:03] <magespawn> hi nsnzero 
[10:16] <magespawn> theblazehen: can you repost the original link.
[10:31] <nsnzero> http://overthewire.org/wargames/bandit/bandit0.html
[10:31] <nsnzero> there magespawn 
[11:35] <pavlushka> andrewlsd: Good day andrewlsd :)
[12:16] <nsnzero> have a good afternoon everyone
[17:34] <nsnzero> evening folks
[17:38] <inetpro> hi nsnzero
[17:38] <nsnzero> good evening inetpro 
[18:13] <Langjan> Hello, how is everybody
[18:16] <nsnzero> hi Langjan 
[18:16] <nsnzero> doing well and yourself Langjan ?
[18:18] <Langjan> Good, also well thks nsnzero 
[18:24] <nsnzero> good to hear that Langjan 
[18:25] <Langjan> Thks nsnzero, much to be grateful for 
[18:26] <Langjan> You there Kilos? And hi inetpro, chesedo, pavlushka, smile, theblazehen      
[18:27] <Langjan> and paddatrapper 
[18:27] <smile> hi Langjan 
[18:27] <Langjan> hi young man
[18:28] <smile> Hi old man
[18:28] <Langjan> lmga!
[18:28] <Langjan> Who's your old man, you little parmant!
[18:29] <Langjan> Only turning 74 in a few days man
[18:31] <nsnzero> still young Langjan 
[18:33] <Langjan> Yes, young at heart nsnzero 
[18:34] <Langjan> Where's my pal Kilos - no sheep to chase in Rustenburg
[18:35] <Langjan> Do you understand Afrikaans smile ?
[18:36] <smile> Langjan: I'm only 21 (for now)
[18:36] <smile> Langjan: yes, I understand Afrikaans, why do you ask?
[18:37] <Langjan> Just wondered because you're so quiet
[18:37] <smile> hehe
[18:37] <smile> I don't understand "parmant", but I know what you meant
[18:37] <Langjan> lmga, you're the same age as my oldest grandchild
[18:37] <Langjan> means cheeky
[18:37] <smile> omg o.O
[18:38] <smile> I'm cheeky o.O
[18:38] <smile> I was just stating the obvious.
[18:38] <smile> You're old, I'm young.
[18:38] <Langjan> Just pulling your leg young man
[18:38] <smile> Don't, it hurts enough already
[18:38] <smile> :P
[18:39] <Langjan> To be young? 
[18:39] <Langjan> hurts? Why
[18:39] <smile> It doesn't hurt to be young, it hurts because I went badmintonning for over 2 hours :P
[18:39] <Langjan> oh ok good
[18:40] <smile> nah XD
[18:40] <Langjan> Great game
[18:40] <smile> I lost :P
[18:40] <smile> So not so great either
[18:40] <Langjan> well next time...
[18:41] <smile> :D
[18:41] <Langjan> somebody has to lose so someone else can win, we all have our days
[18:41] <smile> when's my day?
[18:41] <Langjan> When you win
[18:42] <smile> When do I win?
[18:42] <Langjan> When it's your day
[18:42] <smile> Seems like a circular reference to me.
[18:43] <smile> A stack overflow will soon follow.
[18:43] <Langjan> lmga, and when you've practised enough
[18:43] <smile> In software, a stack overflow occurs if the call stack pointer exceeds the stack bound. The call stack may consist of a limited amount of address space, often determined at the start of the program. The size of the call stack depends on many factors, including the programming language, machine architecture, multi-threading, and amount of available memory.
[18:43] <smile> = you run out of memory
[18:44] <Langjan> phew! 
[18:44] <Langjan> glad I'm not in software
[18:45] <smile> I do understand what's being sad, but I hardly ever need that knowledge to do my job
[18:45] <smile> * said
[18:45] <Langjan> All I know is I'm running at 4% CPU usage and 38% free memory 
[18:46] <smile> That means you will reach a stackoverflow soon after you fill another 62% of your memory :P
[18:46] <Langjan> Which will hopefully never happen
[18:48] <MaNI> you don't need to exhaust your entire computer's memory to have a stack overflow
[18:48] <smile> Yeah. And if it does, you reach out to me and I'll just say "buy some more memory"
[18:48] <smile> MaNI: true, but if you do, it's far more likely
[18:49] <MaNI> not really, most programs have a fixed stack size that's measured in mbs
[18:49] <MaNI> e.g. on windows with MSVC compiler by default a c++ program will have a stack limit of 1Mb
[18:50] <MaNI> if the program exceeds 1Mb on the stack there will be an overflow
[18:50] <smile> but you can increase it before a stack overflow occurs, right?
[18:50] <smile> that's where malloc/alloc/... comes in?
[18:50] <MaNI> no it's usually a fixed limit set at compile time
[18:50] <MaNI> most large memory allocations are not done on the stack; malloc/alloc allocates on the heap, not on the stack
[18:50] <smile> Okay. I do agree with you
[18:51] <MaNI> stack overflow is usually a result of unbounded recursion
[18:51] <smile> Correct. :)
[18:52] <smile> That's the way I make those usually
[18:52] <smile> But I don't make that error often
[18:52] <smile> But sometimes you're trying to do something crazy
[18:53] <Langjan> smile, is your calculation correct? Do I not reach stack overflow if I use up 38% more memory? 
[18:54] <smile> Langjan: If you want to freeze your computer, you should use all available memory
[18:54] <MaNI> ulimit -s 8192 - that's the default stack size for a linux program by the way, which is 8x larger than the windows default but still incredibly easy to exhaust
[18:54] <smile> nice
[18:55] <Langjan> I understand that but not your figure of 62%
[18:55] <smile> Langjan: probably my calculation doesn't even make sense :P 
[18:55] <smile> MaNI: does that mean a Linux program uses that memory if it doesn't need it?
[18:56] <MaNI> it's a maximum so it doesn't have to be available at launch - AFAIK, I'm not sure if in practice it is or isn't though
[18:57] <MaNI> quite possibly
[18:57] <nsnzero> linux is designed to prevent memory getting full - it will swap out ram and then kill userspace apps
[19:00] <nsnzero> MaNI: isn't the stack just a temp storage for return addresses from loops and subroutines ?
[19:00] <MaNI> call stack, temporary variables etc.
[19:01] <Langjan> OK guys you're way above my head, let me leave you to it
[19:02] <Langjan> take care and watch out for the pretty girls smile 
[19:02] <smile> Langjan: I'm in the process of catching one
[19:02] <smile> good night!
[19:02] <MaNI> I've only once ever in my programming career found a legitimate reason to mess around with the stack size of a program - as opposed to just fixing a bug like too much recursion, 8Mb is usually more than sufficient for a properly designed program :)
[19:02] <Langjan> well dont say you were not warned
[19:02] <smile> MaNI: when was that?
[19:02] <smile> Langjan: lol
[19:03] <Langjan> good luck my friend
[19:03] <smile> thanks
[19:03] <nsnzero> take care Langjan 
[19:04] <Langjan> go well nsnzero and smile, plse give Kilos  my regards if and when he wakes up
[19:04] <smile> sure
[19:05] <Langjan> Tell him I have not broken anything for a while, maybe it's time...lmga!
[19:05] <nsnzero> nowadays the stack and other low level memory fiddling isn't necessary with compilers having memory management builtin
[19:05] <nsnzero> i was just going to ask you Langjan - : "what needs fixing ?"
[19:05] <MaNI> For a FSN parser I wrote for a specific project using boost::xpressive - because xpressive uses templates and is quite complex, and the parser rules themselves were very complex, and recursed quite a bit, it was easily exhausting stack space. Because it was special purpose code it was better to increase the stack size than to rewrite the code and/or slow it down by reducing stack allocation.
[19:06] <Langjan> Only Kilos's kde nsnzero! 
[19:06] <smile> MaNI: well done :)
[19:06] <nsnzero> c++ mani -> its so complex 
[19:07] <Kilos> im here
[19:07] <Kilos> ai!
[19:08] <nsnzero> evening Kilos - you just missed Langjan
[19:08] <smile> Kilos: you have the greetings from Langjan :P
[19:08] <Kilos> yes i see so
[19:09] <Kilos> ill mail him ty nsnzero 
[19:09] <smile> He warned me about pretty girls, is he right?
[19:09] <Kilos> lol
[19:11] <nsnzero> how you doing Kilos ?
[19:15] <nsnzero> i just learnt the benefits of using ssh-agent together with ssh-add - no need to type pass phrases over and over again
[19:38] <nsnzero> good night all 
[21:05] <smile> Good night :-)