A buffer overflow is one of the oldest tricks in the book. The NSA was performing them in the 70s, and they continue to be a problem today. As we'll explore here, they result from an interaction between inappropriate assumptions and the way modern operating systems function. In this tutorial, we'll cover a very simple example of how the execution of a poorly coded program can be subverted to give control over the system it's running on.
This is a 'fork bomb':
:(){ :|: & };:
In bash (and probably bash-like shells) this declares a function named :, and defines that function as a call to itself, piped into a call to itself, which is then forked. The result is endless forking of a non-terminating program that calls itself twice per call. The last : initiates the bomb.
Situation: I'm in the EU, living under its Big State ethos and enduring its General Data Protection Regulation (GDPR). Web presences with an EU market have largely complied in some fashion, but many without have simply denied access to requests appearing to originate in the EU. I wanted to read an article on a site in the second category. You'll need tor and a proxy. I use privoxy.
Recently I had cause to collect all Requests for Comment (RFCs) and Phrack articles - ever published - for mining purposes. Was a good quick little bash test, and improved my curlin'! The results are as follows:
Very straightforward snippet for grabbing the first 1000 RFCs:
My scrolling wasn't 'natural' so...
What can I learn about my device? Let's see what X thinks is connected:
xinput -list
And then check the properties for my touchpad (id 13):