codepad.org is an online compiler/interpreter, and a simple collaboration tool. Paste your code below, and codepad will run it will run it
I'm surprised noone has forkbombed the server yet...
How it works
Code execution is handled by a supervisor based on geordi. The strategy is to run everything under ptrace, with many system calls disallowed or ignored. Compilers and final executables are both executed in a chroot jail, with strict resource limits.
Paranoia
When your app is remote code execution, you have to expect security problems. Rather than rely on just the chroot and ptrace supervisor, I've taken some additional precautions:
* The supervisor processes run on virtual machines, which are firewalled such that they are incapable of making outgoing connections.
* The machines that run the virtual machines are also heavily firewalled, and restored from their source images periodically.
>>14
You don't need to. Just put some code in a buffer and execute the buffer. You may want to run various tests to determine what platform it is before actually being able to run more useful code, but if >>7 is right, then this would be no better than owning a Honeypot, which is totally useless.
>>15 C can do anything assembry can anyway. Now write a line of C code that will compile to a privileged instruction or invalid opcode. Without asm().
Name:
Anonymous2009-11-09 14:39
>>18 privileged instruction
Popular compilers have builtin support for most of these, even though 99.999% of developers don't need them. Here are some examples:
>>18
That's very simple actually, just assemble the instructions in a buffer, possibly writing the code so it would run from any base(call $/pop reg , and then use [reg+..] to offset all code from that), then just cast the buffer to a function pointer, and just call it.
The only difference here is that the code would run from the heap or stack, and there's some minor differences between normal code sections and that (such as protection modes and maybe on some platform, they could be marked with the NX flag). In which case, you might want to call the appropriate APIs for setting protection flags on that buffer's pages, or just alloc a new buffer for the code, or in a weird case, you could copy the code to the CODE/.text section where the C code is compiled to and running it. Technically, you can run anything from C (or other high/mid level languages with a FFI or similar), that you could run from asm.
Anyone know what the extra bullshit is? Any line that has anything to do with EDX or 0804971C is unnecessary to the function, and so it the jump-if-equal and that call... I'm guessing this is some kind of protection but I don't know what it would protect against.
>>22
Looks like it's unoptimized, how terrible[i]![/b] GCC?
It may be a "security cookie" protection against buffer overflows. MSVC does it all the time, it's fairly simple, it places a special dummy value as the first variable on the stack, and then checks if it remains unchanged at the end, if it has been changed, it will safely generate an error to avoid exploitation. Smart compilers like MSVC don't generate code like this in functions as simple as that, they only generate it in functions where buffers are used/stack allocated and there's a potential for a stack overflow.
The code I would use for your function is
mov eax, 7A69h
ret
>>38
Real men don't play non-free games for proprietary operating systems. Nethack is a free (as in freedom) drop-in replacement for Dwarf Fortress that works on the GNU/Linux operating system.
>>44
Real men don't play freewares for terminal emulators. Demon's Souls is a deep and challenging experience with visuals that put your ASCII games to shame.
"Internet memes" are stupid the moment they are identified as such.
Memes are really just an identifying trait of a particular group or culture. But then some attention seeking faggot will go "I am part of your group. I can speak like you do. I know what you're talking about. This little in-joke we have is so funny, right guys. FIOC, lol". Suddenly other attention-seeking faggots will go "Oh, I see. I am part of your group, too. FIOC, lol". So they rip the meme out of it's context and use it as nothing but an identifying trait they shout to each other, like drunk idiots chanting at a football game.
Suddenly the once slightly amusing saying has transformed into a meaningless phrase and the once cozy place to talk about news or whatever seems to be full of drunk hooligans. What the fuck.
As if that wasn't bad enough, then there is /b/ and reddit. Full of these kinds of shitheads who think this is not only funny, no, everyone has to know about it. "Oh, internet, u so randum." Fucking retarded subhuman scum, who then go to all corners of the internet and try to incite more meaningless Spam.
This "Internet meme"-meme is basically the worst thing that has ever hit the internet.
Simon[2] identified the following manipulative techniques:
Lying: It is hard to tell if somebody is lying at the time they do it, although often the truth may be apparent later when it is too late. One way to minimize the chances of being lied to is to understand that some personality types (particularly psychopaths) are experts at the art of lying and cheating, doing it frequently, and often in subtle ways.
Lying by omission: This is a very subtle form of lying by withholding a significant amount of the truth. This technique is also used in propaganda.
Denial: Manipulator refuses to admit that he or she has done something wrong.
Rationalization: An excuse made by the manipulator for inappropriate behavior. Rationalization is closely related to spin.
Minimization: This is a type of denial coupled with rationalization. The manipulator asserts that his or her behavior is not as harmful or irresponsible as someone else was suggesting, for example saying that a taunt or insult was only a joke.
Selective inattention or selective attention: Manipulator refuses to pay attention to anything that may distract from his or her agenda, saying things like "I don't want to hear it".
Diversion: Manipulator not giving a straight answer to a straight question and instead being diversionary, steering the conversation onto another topic.
Evasion: Similar to diversion but giving irrelevant, rambling, vague responses, weasel words.
Covert intimidation: Manipulator throwing the victim onto the defensive by using veiled (subtle, indirect or implied) threats.
Guilt trip: A special kind of intimidation tactic. A manipulator suggests to the conscientious victim that he or she does not care enough, is too selfish or has it easy. This usually results in the victim feeling bad, keeping them in a self-doubting, anxious and submissive position.
Shaming: Manipulator uses sarcasm and put-downs to increase fear and self-doubt in the victim. Manipulators use this tactic to make others feel unworthy and therefore defer to them. Shaming tactics can be very subtle such as a fierce look or glance, unpleasant tone of voice, rhetorical comments, subtle sarcasm. Manipulators can make one feel ashamed for even daring to challenge them. It is an effective way to foster a sense of inadequacy in the victim.
Playing the victim role: Manipulator portrays him- or herself as a victim of circumstance or of someone else's behavior in order to gain pity, sympathy or evoke compassion and thereby get something from another. Caring and conscientious people cannot stand to see anyone suffering and the manipulator often finds it easy to play on sympathy to get cooperation.
Vilifying the victim: More than any other, this tactic is a powerful means of putting the victim on the defensive while simultaneously masking the aggressive intent of the manipulator.
Playing the servant role: Cloaking a self-serving agenda in guise of a service to a more noble cause, for example saying he is acting in a certain way to be "obedient" to or in "service" to an authority figure or "just doing their job".
Seduction: Manipulator uses charm, praise, flattery or overtly supporting others in order to get them to lower their defenses and give their trust and loyalty to him or her.
Projecting the blame (blaming others): Manipulator scapegoats in often subtle, hard-to-detect ways.
Feigning innocence: Manipulator tries to suggest that any harm done was unintentional or that they did not do something that they were accused of. Manipulator may put on a look of surprise or indignation. This tactic makes the victim question his or her own judgment and possibly his own sanity.
Feigning confusion: Manipulator tries to play dumb by pretending he or she does not know what the victim is talking about or is confused about an important issue brought to his attention.
Brandishing anger: Manipulator uses anger to brandish sufficient emotional intensity and rage to shock the victim into submission. The manipulator is not actually angry, he or she just puts on an act. He just wants what he wants and gets "angry" when denied.
Name:
Anonymous2013-11-22 0:44
Vilifying the victim: More than any other, this tactic is a powerful means of putting the victim on the defensive while simultaneously masking the aggressive intent of the manipulator.
Snowden Is A Criminal! Because we didn't want to know that what We were doing was Wrong! ^^
Name:
Anonymous2013-11-22 0:45
Now We have No Plausible Deniability!
Name:
Anonymous2013-11-22 0:52
At the same time, the survey, produced for ABC by Langer Research Associates, finds an 11-point jump in the belief that disclosures by Snowden, a former NSA contractor now holed up in Russia, have harmed U.S. security: Sixty percent say so, vs. 49 percent last summer.
Many fewer, 29 percent, think his leaks have done “a great deal” of harm to U.S. security. But this too is up, by 7 points. And the belief that Snowden damaged U.S. security is a key driver in support for prosecuting him.
Finally, young adults are sharply different than their elders in views on Snowden, who turned 30 in June. Just 35 percent of those under age 30 say he should be charged with a crime, compared with 57 percent of those 30 and up. And 56 percent of young adults say he did the “right thing” in leaking NSA documents. Just 32 percent of their elders agree.
Name:
Anonymous2013-11-22 0:55
Young people confirmed as good leaders! ^^
Name:
Anonymous2013-11-22 0:58
>>80
What a surprise, it's tending towards the NSA's opinion....
All wiretapping of American citizens by the National Security Agency requires a warrant from a three-judge court set up under the Foreign Intelligence Surveillance Act. After the 9/11 attacks, Congress passed the Patriot Act, which granted the President broad powers to fight a war against terrorism. The George W. Bush administration used these powers to bypass the FISA court and directed the NSA to spy directly on al-Qaeda in a new NSA electronic surveillance program. Reports at the time indicate that an "apparently accidental" "glitch" resulted in the interception of communications that were purely domestic in nature.[5] This action was challenged by a number of groups, including Congress, as unconstitutional.
The exact scope of the program is not known, but the NSA was provided total, unsupervised access to all fiber-optic communications going between some of the nation's largest telecommunication companies' major interconnected locations, including phone conversations, email, web browsing, and corporate private network traffic.
FISA makes it illegal to intentionally engage in electronic surveillance under appearance of an official act or to disclose or use information obtained by electronic surveillance under appearance of an official act knowing that it was not authorized by statute; this is punishable with a fine of up to $10,000 or up to five years in prison, or both.[9] In addition, the Wiretap Act prohibits any person from illegally intercepting, disclosing, using or divulging phone calls or electronic communications; this is punishable with a fine or up to five years in prison, or both.[10]
Name:
Anonymous2013-11-22 1:17
Trailblazer and whistleblowing prosecution
The Trailblazer Project, an NSA IT project that began in 2000, has also been linked to warrantless surveillance. It was chosen over ThinThread, which had included some privacy protections. Three ex-NSA staffers, William Binney, J. Kirke Wiebe, and Ed Loomis, all of whom had quit NSA over concerns about the legality of the agency's activities, teamed with Diane Roark, a staffer on the House Intelligence Committee, to ask the Inspector General to investigate. A major source for the IG report was Thomas Andrews Drake, an ex-Air Force senior NSA official with an expertise in computers. Siobhan Gorman of The Baltimore Sun published a series of articles about Trailblazer in 2006–2007.
The FBI agents investigating the 2005 The New York Times story eventually made their way to The Baltimore Sun story, and then to Binney, Wiebe, Loomis, Roark, and Drake. In 2007 armed FBI agents raided the houses of Roark, Binney, and Wiebe. Binney claimed they pointed guns at his head. Wiebe said it reminded him of the Soviet Union. None were charged with crimes except for Drake. In 2010 he was indicted under the Espionage Act of 1917, as part of Obama's unprecedented crackdown on leakers.[49][50] The charges against him were dropped in 2011 and he pled to a single misdemeanor.
Name:
Anonymous2013-11-22 1:37
Statutory interpretation issues
A court of law faced with determining the legality of the NSA program would have to first grapple with the statutory interpretation of FISA itself[71] Since FISA has the potential to raise certain Constitutional conflicts relating to the powers assigned to Congress and the Executive in Articles I and II respectively, the canon of constitutional avoidance requires a court to first determine if the FISA statutes can be "fairly read" to avoid Constitutional conflict.[72] Assuming such an interpretation can be found, the question then turns towhether or not the NSA wiretap authorizations were violative of the statute as so read. Without knowing how a court would resolve the first issue and the classified specifics of the program itself, it is not possible to predict the outcome.
Invalid! Your Laws Don't Even Make Sense! You Have No Statues! ^^