Quentin Delhaye parastuffs

  • ECAM
  • Brussels
// ***** function to advance one step further ****
int StepperMotor ( int _step, bool dir){
// ***** update the state ****
switch(_step){
case 0 :
digitalWrite(IN1, LOW);
digitalWrite(IN2, LOW);
digitalWrite(IN3, LOW);
digitalWrite(IN4, HIGH);
break;
#include "Arduino.h"
#include "Audio.h"
#include "BluetoothSerial.h" //Header File for Serial Bluetooth, will be added by default into Arduino
#include "FS.h"
#define SD_CS 5
#define SPI_MOSI 23
#define SPI_MISO 19
#define SPI_SCK 18
#define button_A 4 // Top face
/**
Make sure that the 'MCP9800' library is installed.
https://github.com/JChristensen/MCP9800/tree/master
*/
#include <MCP9800.h>
MCP9800 mySensor;
void setup()

Stack overflow - Shellcode

Building on the basic stack overflow, we can exploit the same vulnerability to spawn a shell.

Context: vulnerable code

This time, we won't be using gets but strcpy, which copies a string into a buffer.

#include <stdlib.h>
#include 
@parastuffs
parastuffs / stack-overflow.md
Last active March 16, 2023 09:35
How to run code from an arbitrary address by use of a buffer overflow.

Stack overflow

By abusing the leniency of some C functions when it comes to filling buffers with user-provided information, we can reach other restricted parts of the program, or even execute arbitrary code.

In this demonstration, we will see how a buffer is filled in the stack using the gets function and how overflowing it will allow us to execute a function that should never be called otherwise in the program.

All the addresses used in the snippets and explanations are specific to the setup used to build this write-up. You will need to adapt them to your use-case in order to replicate the behaviour of this exploit.

GDB primer

Some useful GDB commands for the exercise:

Hello,

To access the BEAMS computing server, you need to connect to two VPNs:

  1. ULB's (if you're not on premises): https://monulb.ulb.be/fr/web/support/-/comment-utiliser-ulb-vpn- (you can translate the page into English at the bottom)

  2. BEAMS's through OpenVPN (if you're not connected to a BEAMS network through WiFi or Ethernet). If you don't have one yet, you can ask Axel Dero (axel.dero@ulb.ac.be) to create a certificate for you.

You can then connect through SSH to the IP 192.168.0.60. Your username is xx and your password xx

@parastuffs
parastuffs / OpenROAD_instructions.md
Last active February 10, 2022 16:31
Tips and tricks to install and use OpenROAD

Tips regarding the installation on Debian (Bullseye)

  • DependencyInstaller.sh should be run before anything else. The problem is that it only recognizes Ubuntu and CentOS. Its content can be applied in a Debian environment almost seamlessly, though. On the BEAMS server, the following needed to be installed: libboost1.74-dev libeigen3-dev libspdlog-dev swig
  • lemon is not suitable in the official repo, so it needs to be installed manually:
    wget http://lemon.cs.elte.hu/pub/sources/lemon-1.3.1.tar.gz
    tar -xf lemon-1.3.1.tar.gz
    cd lemon-1.3.1
    cmake -B build .

@parastuffs
parastuffs / latexdiff-vc.md
Last active September 9, 2021 15:00
How to use latexdiff with git

In a directory with git VCS: latexdiff-vc --git --flatten -r <rev-hash> full.tex where full.tex is the root tex file, including (or inputting) several subfiles or not.

You can then compile the resulting .tex file: pdflatex -shell-escape full-diff.tex

Note that the --pdf option is supposed to do it in one go, but the need for -shell-escape in my case makes the process fail.

If you simply want to generate a diff file with the previous commit in your tree,

@parastuffs
parastuffs / Taverne.md
Last active May 2, 2021 13:53
Tavern games in Aria

Tavern activities

Darts

The game is played to 100 points; the goal is to reach 0 before your opponents. Each turn, the PC gets two throws.

  • Hit a given value: 50%
  • Double: 20%
  • Triple or bullseye: 5%

The PC may add their ranged combat skill/5 to the difficulty.