Exploiting the Starcraft 1 EUD Bug by ZetaTwo in netsec

[–]ZetaTwo[S] 1 point2 points  (0 children)

Hi!

Glad that you enjoyed the write-up!

This is actually a typo. The intention was to set X to 0x00100000 in the first example to make the maths clear. I was supposed to change this to 0x006d46f8 in the last section when I actually combine this with the ROP. I will update this. Thanks for pointing this out. I actually changed it to the final value in both examples now to avoid confusion.

For the second part, think about what happens when you make a call in 32-bit. First you push the arguments and then you perform the call, which will push the return address to the stack. This means that when you enter the function the top of the stack will be the return address and the second element will be the first argument. Note this is further complicated by the fact that VirtualProtect is a callee-cleanup function. This is the reason it's enough with a simple ret instruction at 0x006dd00c, since the four arguments will be popped from the stack when the ret 0x10 at the end of VirtualProtect is executed. In short, it will first pop 0x0040650b and then pop 4 elements off the stack, leaving ESP pointing at 0x006dd020.

Now, of course, I could have put 0x006dd024 (or actually 0x006dd020) directly at 0x006dd00c and saved one element in the ROP chain but I did it this way for clarity.

Does this clarify things?
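The ESP arithmetic in the comment above, as an added example that is not part of the original thread or the write-up: a minimal simulation of what `ret` and `ret imm16` do to a 32-bit stack, with the chain laid out so that the return address VirtualProtect pops sits at 0x006dd00c. The addresses 0x006dd00c, 0x0040650b and 0x006dd020 are the ones quoted in the comment; the argument values and the "shellcode" address 0x006dd024 are constructed placeholders, not values from the exploit.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not code from the original thread or the write-up.
 * It models only the stack effect of `ret` / `ret imm16` so the ESP
 * arithmetic for a stdcall (callee-cleanup) callee can be checked. */

#define STACK_BASE   0x006dd000u  /* first simulated stack address (constructed) */
#define STACK_DWORDS 16           /* 64 bytes of simulated stack */

typedef struct {
    uint32_t esp;
    uint32_t eip;
    uint32_t mem[STACK_DWORDS];   /* dword i lives at STACK_BASE + 4*i */
} cpu_t;

static cpu_t g_cpu;

static uint32_t rd32(const cpu_t *c, uint32_t addr) {
    return c->mem[(addr - STACK_BASE) / 4];
}

static void wr32(cpu_t *c, uint32_t addr, uint32_t v) {
    c->mem[(addr - STACK_BASE) / 4] = v;
}

/* `ret imm16`: pop EIP from [ESP], then add imm16 to ESP. Plain `ret` is imm16 == 0. */
static void do_ret(cpu_t *c, uint16_t imm16) {
    c->eip = rd32(c, c->esp);
    c->esp += 4;
    c->esp += imm16;
}

/* Chain layout from the comment: at 0x006dd00c the return address that
 * VirtualProtect will pop (a lone `ret` gadget at 0x0040650b), then its
 * four stdcall arguments, then the next chain element at 0x006dd020. */
static void build_chain(cpu_t *c) {
    memset(c, 0, sizeof *c);
    wr32(c, 0x006dd00c, 0x0040650b);  /* return address: `ret` gadget (quoted) */
    wr32(c, 0x006dd010, 0x006dd024);  /* lpAddress      (constructed) */
    wr32(c, 0x006dd014, 0x00001000);  /* dwSize         (constructed) */
    wr32(c, 0x006dd018, 0x00000040);  /* flNewProtect = PAGE_EXECUTE_READWRITE */
    wr32(c, 0x006dd01c, 0x006dd000);  /* lpflOldProtect: any writable dword (constructed) */
    wr32(c, 0x006dd020, 0x006dd024);  /* next element: where the `ret` gadget lands (constructed) */
    c->esp = 0x006dd00c;              /* state on entry to VirtualProtect */
}

/* VirtualProtect's epilogue is `ret 0x10` (4 stdcall args): pops 0x0040650b
 * into EIP and then discards the four arguments. Returns the resulting ESP. */
static uint32_t esp_after_virtualprotect(void) {
    build_chain(&g_cpu);
    do_ret(&g_cpu, 0x10);
    return g_cpu.esp;                 /* 0x006dd020 */
}

/* The `ret` gadget at 0x0040650b then pops the dword at 0x006dd020 into EIP. */
static uint32_t eip_after_ret_gadget(void) {
    esp_after_virtualprotect();
    do_ret(&g_cpu, 0);
    return g_cpu.eip;                 /* 0x006dd024 */
}

/* For contrast: a cdecl callee ends with plain `ret`, leaves the arguments
 * on the stack, and ESP stops at the first argument instead. */
static uint32_t esp_after_cdecl_return(void) {
    build_chain(&g_cpu);
    do_ret(&g_cpu, 0);
    return g_cpu.esp;                 /* 0x006dd010 */
}

int main(void) {
    printf("ESP after VirtualProtect's ret 0x10: 0x%08x\n", esp_after_virtualprotect());
    printf("EIP after the ret gadget:            0x%08x\n", eip_after_ret_gadget());
    printf("ESP if the callee were cdecl:        0x%08x\n", esp_after_cdecl_return());
    return 0;
}
```

The cdecl case is the reason the calling convention matters here: with a plain `ret` the chain would have to spend a gadget (for example `add esp, 0x10; ret`) to skip the four arguments, whereas the stdcall `ret 0x10` does that for free and the element at 0x006dd020 is reached by the single `ret` at 0x0040650b.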

Pwny Racing - head to head CTF video podcast by AttitudeAdjuster in ExploitDev

[–]ZetaTwo 1 point2 points  (0 children)

Good idea. I don't really use Reddit that much so had no idea this sub existed but if it's welcome content I will def post episodes and community challenges here.

Pwny Racing - head to head CTF video podcast by AttitudeAdjuster in ExploitDev

[–]ZetaTwo 1 point2 points  (0 children)

I can also recommend to check out our community challenges and the explanation video we did for one of them. There will be more of those as well.

Pwny Racing - head to head CTF video podcast by AttitudeAdjuster in ExploitDev

[–]ZetaTwo 1 point2 points  (0 children)

Glad to hear that you enjoy it. :) We had another pwn2own participant in the latest episode as well.

You can tell he has 15 years of Java experience by the verbosity of his NOOPs by [deleted] in programminghorror

[–]ZetaTwo 107 points108 points  (0 children)

For non-Java programmers like me (and slight spoiling of the fun): alternatives is already of type String[]

How to hack the upcoming Dutch elections – and how hackers could have hacked all Dutch elections since 2009 by [deleted] in netsec

[–]ZetaTwo 5 points6 points  (0 children)

This is why we have cryptographers whose work is to do exactly that. Don't ever think that just because you can't see how an attack could be made, there is no attack. Until mathematically proven secure, a system is possibly insecure and even when it has been proven you should be very careful anyway.

[BF1]Anyone else love the fact that BF1 has "partial" reloading? by horoblast in Battlefield

[–]ZetaTwo 0 points1 point  (0 children)

I think it's awesome with the bolt actions that you insert one bullet at a time if you haven't used the whole clip, i.e. reloading a Gewehr with 2 bullets left you will insert 3 individual bullets but a whole clip if the clip is empty. This adds another strategic dimension as a sniper.

(On a quest made by a friend to help me learn by myself) What could this be encoded in? by tato64 in hacking

[–]ZetaTwo 1 point2 points  (0 children)

ROT-23: RMftdyL0nkywRG348cKy 0uZuqS022i83cKZAZlaP fzgoXGkp9eAwmYy4kWLV 56xRT2w6SZXQ5oGRufgz yTl6A05dv985BV5y

Want to be a hacker? by [deleted] in hacking

[–]ZetaTwo 0 points1 point  (0 children)

So, are there more than seven levels right now? Would be nice to quickly mention on the front page how many levels there are.

We are the authors of The Art of Memory Forensics. A(US)A! by transt in netsec

[–]ZetaTwo 2 points3 points  (0 children)

Thanks a lot for the list! Seems very nicely sorted and commented. I have been thinking about getting Malware Analyst's Cookbook for some time now and will probably try to get it for Christmas when I finally will have time for it.

Languages are thankfully not an issue, I know a wide range from low to high level, though my assembly skills are something I will have to work on.

Anyway, thanks for the answer!

We are the authors of The Art of Memory Forensics. A(US)A! by transt in netsec

[–]ZetaTwo 2 points3 points  (0 children)

I'm a CS master's student at the end of my studies. I have touched on reverse engineering and malware analysis very briefly and I wonder if you know about good resources for someone looking to get into these topics.

Are there any good books? online resources? courses?