oH nO
If you are after just the exe file to do a job, get STRINGS.EXE from the masm32 example code.
It depends what effect you want. If you want all strings of (readable) characters in the whole file, then you'll be searching through the whole exe.
But if you only want the strings used in the application, then they should be found in the data section -- for this you'll need to look at how a PE file is constructed, and then search through the contents of the data section(s) to find the strings. And you may also want to check through the code sections for strings that may have been 'hidden' in there too :wink
So, reference material: info describing the PE format (there's plenty about)
zakham,
Welcome on board.
You can use also the RCDATA statement in your resource script to embed text files in your executable. Here is a quick example.
[attachment deleted by admin]
Sorry Vortex. I'm guessing our friend is trying to find registration messages and nag screens...
fORGET aBOUT IT DUDES..!!! :U
OK, no problem.
zakham,
Challenge or no, I think you need to explain how "I need to utilize this Buffer overflow + get the Password" is not a violation of forum rules:
Quote
3. Legality of content is not a negotiable matter in the forum. Assembler programming is mainstream programming and is primarily used by professional programmers who require the performance in specialised areas. Low level coding is both allowed and encouraged but there will be no viral or trojan technology allowed including technical data under the guise of AV technology, no cracking and similar activities in the guise of "Reverse Engineering", no hacking techniques or related technology and no support or help with or reference to pirated software. There will also be no links to pages that support or display any of these or any other illegal areas of coding.
1. Do your own 'homework' -- or you will learn nothing. This is even a beginners 'challenge'
2. We are not here to teach you how to hack or create viruses -- this falls under that catgeory.
http://www.vidyaweb.com/doeacc/mod/forum/discuss.php?d=392
Challenge Question No. 20060210
Programmed By Ria Bannerjee.
Vidyaweb Team (www.vidyaweb.com)
Email : ria.cool2k5@gmail.com
Info:
Buffer Overflows comprises most of the exploits and hacks considered to the present
day environment. Check out where you are missing and learn how to write a secure code.
Target :
1. Write a program in any language to filter all text strings in the attached executable.
2. Find the Buffer Overflow in the program and then exploit it to find the access
codes for your name.
Focus :
This challenge focusess on the Stack Based Buffer overflows. Along with it you ll be able
to learn about the architecture on x86 assembly and how it works and how it can be exploited.
This challenge will be posted for 2 weeks on the site awaiting solutions from all
members. Best Solution will be awarded by putting his name on the site as a winner
until next challenge comes up(fortnightly).
Rules:
1.You cannnot use any hex editor, disassembler or debugger to analyse the code
(since this is a newbie challenge).
2.Your program can be written in any language you desire but you must submit
the source along with the executable and you must submit a write-up giving a
description of the rules/techniques and your handson experience while solving it
in not less than 150 words.
3.The winner will be announced in the week ending February 25th, 2006.
4.You can discuss any doubts you have in the forum.
We will put up an article \ tutorial to solve the challenge on 25th Feb, 2006, so dont
forget to check out if u didnt manage to solve the challenge or even if u did but missed
out anything. We will try to explain the basics of how to go about defending and attacking
such scenarios to get the best out of you in the relevant field so that we can emerge as
better programmers than we are and leave a mark of our community. Good luck !!!
So .. Lets go killing ...
THANK YOU VERY MUCH
Another happy customer :lol
All part of the service.
Have a nice now.
Place call again.
(What you fail to see is that I've already told you how to do it. But obviously it's beyond your capabilities.)
Thread closed :bdg
Sluggy,
I think you forgot to close it.
Paul
ooops :bg