I’m using a scanner which passes subtraction attack traffic such as (1-1), (3-2), (5-2), etc. There are no break or continuation characters such as semicolons or &&, nor is there a comparison using an equals sign or similar (and not function call). These are submitted using POST as part of a form. Is this possible?

# Tag: contain

## Is a Buffer Overflow / NOP Slide possible for memory addresses that contain null bytes?

I have been reading up on Buffer Overflows and NOP Sleds. I tried to use the exploit on an example target and I got stuck because I needed to inject a null byte in the return address for my BP so that my program does not crash. I have become aware of the fact that it is not possible to call a C program from command-line with a string that contains null bytes.

So, my questions is how to perform a buffer overflow in case the target memory address contains null bytes? Also, this would make NOP sleds as useless because the return address would contain null bytes as well, right?

Because I am completely new to C programming and exploitation in general it might be that I overlooked something obvious like zeroing out a part of memory after injection to construct a valid memory address but google search did not yield any understandable results for me.

At last, it is always the case that a stored memory address in memory ends with a null byte? Based on my observations I assume this is necessarily the case but there might be other options to interpret stored data as memory addresses without a null byte at the end.

## Would a firewall contain an explicit allow rule at the top?

Someone in an interview today told me every firewall has two rules: explicit allow at the top and explicit block at the bottom. Form the way I’ve always understood things firewalls are normally set to explicitly block by default (or explicitly allow if changed). Is this true? If so, why?

## Do modern operating systems still send targeted or directed Wi-Fi probe requests that contain SSIDs?

Do modern (versions of) operating systems, primarily Android and iOS on mobile, still send targeted or directed probe requests when searching for Wi-Fi networks to connect to?

Such targeted or directed probe requests contain the SSIDs of known networks, and may thus leak information about the sending device’s location history, the owner’s social relationships, etc.

According to this source, modern operating systems do not send these requests anymore:

Around 2014, the privacy implications of targeted probe requests started to become widely publicized and understood. Most new devices therefore stopped sending them. […] When the privacy implications of targeted request probes became widely appreciated, most new mobile devices stopped sending them altogether. […] Targeted probe requests are mostly a thing of the past.

Other sources, like this one or this one, seem to confirm that targeted probe requests are not sent anymore on the latest versions of Android, at least.

If this is indeed true, and perhaps also for iOS (and some desktop OSs), are there any press releases, bug tracker entries, security reports or code commits that confirm this?

Directed probe requests, as opposed to broadcast requests that don’t contain a network’s SSID, should only be necessary for hidden networks. The impact is stronger on mobile devices, where you tend to both have more known networks added to your device and broadcast that list in more places.

## Does Log File contain both committed and uncommitted transactions?

My question is related to SQL Server architecture. Mainly log file. In the picture below it says that when transaction is committed, log record in LOG CACHE will be moved to Log file. Does it mean that Log file contains only committed transactions?

Some sites also state that when COMMIT happens, then dirty page is moved from BUFFER CACHE into LOG CACHE first and afterwards into log file. So I do not understand what happens when COMMIT occurs. I will appreciate any help.

## Can an alphabet for a Turing machine contain subsets of other alphabets?

For example;

Is {0,1,{a,b,c},d,e} a valid alphabet to form a language over and is it usable in any context?

## List “filters pane” works fine for text STARTING WITH. But how to filter on text that CONTAIN words?

In Sharepoint 365 I created a list and by default you can filter with the filter pane. For instant I have a company colum and a company name in ABC International. I want to filter for all compies with INTERNATIONAL in the name. That seems not possible because the filter pane on the page only allows you to search for text that “begins with” … How to search for items that CONTAINS your text you want to filter on?

## Is it ok to have a class contain a list of its parent object?

I’m working on a software in which the client wants the admin to have all the rights to view and update the info of other employees. The admin is an employee itself so this is what I’ve come up with but I wanted to confirm whether this is the right way to do it or not? What could be the potential issues with it if any?

PS: All the data will be stored in a central DB so maybe I can simply add methods in the Admin class to query the info from it? Wouldn’t that have an effect on performance though especially when reading from it; it’ll query from DB everytime Admin wants to just view.

## What official books contain spells?

I recently found the Encode Thoughts cantrip in the Guildmaster’s Guide to Ravinca which has left me wondering if there are any other spells that I am missing.

Question: **What official sources contain spells (As of 29/06/19) other than the Player’s Handbook, Elemental Evil Player’s Companion, Sword Coast Adventurer’s Guide and Xanathar’s Guide to Everything?**

## any arithmetic progression of length 10 consisting of numbers in $S$ will contain at least a number in $P$

Let $ S= \left\{ 1,2,3,…,100 \right\}$ be a set of positive integers from $ 1$ to $ 100$ . Let $ P$ be a subset of $ S$ such that any arithmetic progression of length 10 consisting of numbers in $ S$ will contain at least a number in $ P$ . What is the smallest possible number of elements in $ P$ ?

Denote $ |P|$ as the number of elements in $ P$ . We shall find the smallest possible value of $ |P|$ .

For $ |P|=18$ , choose $ P = \left\{ 10,19,28,37,…,91,12,23,34,…,89 \right\}$ , which consists of all integers from $ S$ that equivalent to $ 1 \pmod 9$ or $ 1 \pmod {11}$ , excluding $ 1$ and $ 100$ . Then every arithmetic progression of length 10 will contain at least a number in $ P$ .

To prove that, let $ a,a+d,a+2d,…a+9d$ be an arithmetic progression of length 10 consisting of numbers in $ S$ with $ 1 \leq d \leq 11$ .

If $ gcd(d,9)=1$ , then there exists $ 0 \leq k \leq 9$ such that $ a+kd \equiv 1 \pmod 9$ . If $ a+kd=1$ or $ 100$ then $ k=0$ or $ 9$ respectively, and thus if $ d<11$ then there exist $ 0 \leq l \leq 9$ such that $ a+ld \equiv 1 \pmod 9$ and $ a+ld \neq 1, 100$ . If $ d=11$ then the arithmetic progression is $ 1,12,23,…,100$ , in which $ 12,23,…,89 \in P$ .

If $ gcd(d,9)>1$ and all elements of $ a,a+d,a+2d,…a+9d$ do not equal to $ 1$ $ \pmod 9$ , then $ d<11$ and thus $ gcd(d,11)=1$ Hence there must be a $ 0 \leq k \leq 9$ such that $ a+kd \equiv 1 \pmod {11}$ . If not, then $ a+10d \equiv 1 \pmod {11} \Leftrightarrow a = d+1$ ; but then $ a \equiv 1 \pmod 3$ , then atleast 3 elements in $ a,a+d,a+2d,…a+9d$ equal to $ 1$ $ \pmod 9$ .

However, for $ |P|<18$ , I can neither find such set $ P$ nor prove that $ |P|$ cannot be less than $ 18$ . So my question is:

Is it true that $ |P| \geq 18$ ? How can I prove it? If not, what is the minimum amount of elements in $ P$ ?

Also, I am wondering that:

If we replace 10 with an even number $ n$ ,and $ 100$ with $ n^2$ , is it true that $ |P| \geq 2(n-1)$ ?

Any answers or comments will be appreciated. If this question should be closed, please let me know. If this forum cannot answer my question, I will delete this question immediately.