Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
lehrkraefte:blc:informatik:ffprg2-2018:ffprg2-2018 [2019/01/18 16:04] Ivo Blöchliger [7-Segment-Anzeige-Demo] |
lehrkraefte:blc:informatik:ffprg2-2018:ffprg2-2018 [2019/01/25 15:34] (current) Ivo Blöchliger [Assembler und Hacking (Stackoverflow)] |
||
---|---|---|---|
Line 11: | Line 11: | ||
* Dokumentation: | * Dokumentation: | ||
- | ====== Assembler und Hacking (Stackoverflow) | + | ====== Hacking ====== |
+ | ===== XSS: Cross Site Scripting ===== | ||
+ | https:// | ||
+ | |||
+ | ===== Assembler und Hacking (Stackoverflow) ===== | ||
Ein aktueller Hack vom letzten Chaos Computer Congress: https:// | Ein aktueller Hack vom letzten Chaos Computer Congress: https:// | ||
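Review bot: The new "XSS: Cross Site Scripting" section consists of a bare link only, with no sentence saying what the linked page is or what students are expected to do with it; add one line of context under the heading. The hunk also demotes "Assembler und Hacking (Stackoverflow)" from a top-level heading to a subsection of the new "Hacking" heading, so check whether any other page links to that section by its anchor.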
Line 55: | Line 59: | ||
MOV [255], 0111000b | MOV [255], 0111000b | ||
</ | </ | ||
+ | |||
+ | |||
+ | Manipulierte Rücksprungadresse | ||
<code asm> | <code asm> | ||
- | mov A, ' | + | mov A, ' |
start: | start: | ||
- | inc A | + | inc A ; Erhöht den Inhalt vom Register A um 1 |
mov [232], A ; | mov [232], A ; | ||
call bla ; | call bla ; | ||
+ | ruecksprung: | ||
hlt ;Halt | hlt ;Halt | ||
bla: | bla: | ||
- | mov [253], | + | mov [253], |
+ | mov [SP+1], start ; Rücksprungadresse überschreiben | ||
ret ; | ret ; | ||
+ | </ | ||
+ | |||
+ | |||
+ | Ausgabe des LOL-Codes: | ||
+ | <code asm> | ||
+ | |||
+ | lol: | ||
+ | MOV [253], 0111000b | ||
+ | MOV [254], 0111111b | ||
+ | MOV [255], 0111000b | ||
+ | |||
+ | fertig: | ||
+ | mov A, fertig | ||
+ | dec A | ||
+ | mov B, 252 | ||
+ | loop: | ||
+ | mov C, [A] | ||
+ | mov [B], C | ||
+ | dec B | ||
+ | dec A | ||
+ | JNC loop | ||
+ | hlt | ||
+ | |||
</ | </ | ||
===== Hackme Code ===== | ===== Hackme Code ===== | ||
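Review bot: In `bla`, the added line `mov [SP+1], start` hard-codes the offset of the return address without saying why it is SP+1, and the new label `ruecksprung:` is not referenced anywhere in the visible lines. Extend the comment to state where `call` leaves the return address relative to SP, and either refer to `ruecksprung` in that explanation (it marks the address being replaced) or drop the label. The copy loop under "Ausgabe des LOL-Codes" has no comments at all, unlike the block above it: say which instruction sets the carry that `JNC loop` tests, so that nobody reorders `dec B` and `dec A`, and note that `mov B, 252` starts just below the three bytes written at `lol:`.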
Line 100: | Line 132: | ||
Schaffen Sie es, indem Sie nur die DB-Zeile anpassen (das wäre so quasi der User-Input), | Schaffen Sie es, indem Sie nur die DB-Zeile anpassen (das wäre so quasi der User-Input), | ||
+ | <hidden Lösungsvorschlag> | ||
+ | Mit Rücksprung direkt in die DB-Konstante (Adresse 0x02) | ||
+ | <code asm> | ||
+ | DB " | ||
+ | </ | ||
+ | Oder mit Rücksprung in die kopierten Daten an der Adresse 0xdc: | ||
+ | <code asm> | ||
+ | DB " | ||
+ | </ | ||
+ | |||
+ | </ | ||
+ | |||
+ | |||
+ | ===== Busy Beaver ===== | ||
+ | <code asm> | ||
+ | start: | ||
+ | MOV B, 255 | ||
+ | |||
+ | humpfdidumpf: | ||
+ | MOV A, [B] | ||
+ | INC A | ||
+ | MOV [B], A | ||
+ | JNC humpfdidumpf | ||
+ | while: | ||
+ | DEC B | ||
+ | CMP B, ende | ||
+ | JE ende | ||
+ | MOV A, [B] | ||
+ | INC A | ||
+ | MOV [B], A | ||
+ | JC while | ||
+ | JMP start | ||
+ | ende: | ||
+ | HLT | ||
+ | </ | ||
===== Roborobo-Fernbedienung / Ivobot ===== | ===== Roborobo-Fernbedienung / Ivobot ===== |
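Review bot: Both solution variants rely on hard-coded addresses ("Adresse 0x02" and "Adresse 0xdc") that are only valid for the exact Hackme listing; add a sentence on how each address is obtained (position of the DB line, destination of the copied data) so the solution can be verified and adjusted if the listing changes. In the Busy Beaver block, `CMP B, ende` compares the data pointer B with the address of a code label, which is easy to misread as a typo; add a comment that the walk down from 255 stops when B reaches the program's own last instruction, and consider more descriptive labels than `humpfdidumpf` and `while`.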