Tuesday, December 29, 2015

Here come the winners

Whoa. Bruce and I have finally selected the winners of the memset challenge. We got 9 submissions, 5 of which came up with the same size, but only one person attempted to implement memcpy, and it's Manh Luat Nguyen. Congratulations!

The winning code is

global my_memset
pop edx ; return address
pop edi ; src String
pop eax ; char
pop ecx ; length
push edi
rep stosb
pop eax
sub esp,16

The resulting shellcode is 12-byte: \x5a\x5f\x58\x59\x57\xf3\xaa\x58\x83\xec\x10\xc3. Instead of using movs, Luat was the first that creatively used one-byte pop instructions to save space.

The runner ups are
- Pham Hong Phi (12 bytes)
- Le Thanh Binh (12 bytes)
- Nguyen Vu Hoang (12 bytes)

There's actually one person that came up with a 10-byte implementation, it didn't pass my unit tests, but Bruce likes him enough that he wants to give him a special prize. Congratulations to Pham Viet Hoa!

Regarding scholarships I made a stupid mistake and booked a room too small (there were also some last minute registrations). Anyway Bruce and I don't really want to turn any of these young fellows down, so we're going to grant each a full scholarship, congratulations again!


TA Thanh Dinh said...
This comment has been removed by the author.
TA Thanh Dinh said...

Maybe I am wrong but the code may be not safe at "rep stosb" !?, since the value of edi is incremented or decremented depending on whether the direction flag is set or not.

Hacker Underground said...

************ Welcome customers all over the world ************

- I'm seller best and alway sell CC fresh with hight balance
- I have 1 software that can do transfer the best WU 100% sure and Bank Login
- I have account paypal with good balance
- I hope you good customers and will be long-term cooperation

If You Need To Buy Orders, Please Contact For Me NOW For More Information :
=> Contact me :
—— ICQ : 678742914
—— Gmail : besthackervn1985@gmail.com
__ __ skype: hacker.vn2