
Journal mapfortu's Journal: 120811 (cp)

The copy and paste buffer will be today's topic of discussion for those of you who are not yet comfortable with the mortician behind the mirror and need to play computer games to convince yourselves that things work the way they should.

The copy and paste buffer is a beautiful thing. At one time it only needed to copy and paste plain text and the bytes which could possibly go through the copy and paste queue were more or less the same as the bytes which you could look at for memory mapped assembler code. Over the course of time text inherited colors and the ability to have small styles--looking at memory mapped assembler code didn't really need that and preferred to remain plain text. Over the passage of more time the copy and paste buffer now needs to be able to accept different bit pattern formats, different file types, perhaps even different objects which could be on read data paths; near hardwire pipeline connection to an actual physical peripheral.

If you play a game of Tetris inside of Pac-Man while you play Pac-Man the timing process is similar to Lemmings. If you expand Elevator Action to include Frogger type lanes then you have a modern day copy and paste buffer.

The moment you select material the copy and paste buffer needs to be ready to accept anything which is cued by that CTRL+C. That does not necessarily mean that the data will be transferred, especially if you are trying to exploit it, but that means that all of those switch pathways which could allow Elevator Action to make it through those Frogger lanes must be primed and ready in the event that the data is determined to be available by the underlying OS mechanisms handling the copy and paste buffer.

In the 1970s the goal of core wars was to establish a connection with the opponent and, knowing key timings and characteristics of the Elevator Action/Frogger process cycles running in that operating system, maneuver Froggerspy into memory areas which would not be cleared, accumulate enough of those memory areas within timing windows which would allow for their corners and edges to be cleared in a process which would land them in executable space, and then have enough open connections to hope to catch a garbage connection when the Elevator Action Frogger cycles collide, break down, and execute the conglomerated executable code. Trial and error, trial and error, trial and error.

In 2012 we are able to do the same with input prompts and the copy and paste buffer. Anticipate that there is an Elevator Action Frogger network of pathways, and there are enormous numbers of little corners and ridges to hide data, especially if you encourage the copy and paste buffer to open all of those corners and ridges. Copy and paste plain text? No problem. Create a string of text which sequentially maps out every font, file type, image type, and data format which you could possibly shove through the buffer and trial and error your way to a hole which you are able to find on a garbage network connection. Many garbage network connections, many copy and paste buffers, trial and error, and complete pwnage should be about two weeks away from anybody who spends command line and compiler time working on Elevator Action and Frogger loops--especially if they write device drivers.

Then you should begin to become comfortable with knowing that there is a mortician behind the mirror (the automobile antenna is not entirely for your entertainment)--nearly: staff cutbacks, timesharing, outsourcing, subcontracting, you are not always that important because you will operate the remainder of your day as Just Another Auto-Mad-Mean (tm). The way to find computer exploits is the same way that the shitbags worship the Lt. Dan Forrest Gump pole. Practice every imaginable stupidity possible and wait patiently for the target to become upset with the stupidity. Blame the target.

Input prompt and copy and paste buffer: carefully and sequentially map out every possible stupidity you could throw into that buffer and wait for it to break, collect the Christmas presents from the garbage connection. For example, at whatever network input prompt you like, if you know how to code at the level, put together that request packet using a custom field. Overload the field as much as your ethernet card will allow and throw that HTTP REQUEST packet down that wire!

You would be surprised at the number of exploits already hidden in your computer. If you could install Linux, then Debian, then LFS a few times, then move to GNU/HURD (progressive levels of Lt. Dan stupidity here *g*), then ASM OSs (Contiki, LoseThos, etc.), then OpenBIOS a few times, then try to write an OpenBIOS for your system which would give you a text editor with a button on boot-up, else go through normal sequence. Then try to find your text editor from an OS. Try to use your text editor to read/write to the pins which would talk to your network card before you plug your network cable in. Go Lt. Dan Forrest Gump stupid on your network card, play Elevator Action Frogger with the wires. You would be surprised what is already buried in those chips.
