http://www.masm32.com/download.htm
Click the green "US Site 1" link, as shown below.
Save the file. A masm32v11r.zip file downloads.
Click Start, Documents.
Navigate to your Downloads folder, as shown below.
Right-click masm32v11r.zip and click "Extract All...", Extract.
Double-click the install.exe file.
Click Run.
The main installer box opens, as shown below.
On the top left, click the big globe labelled Install.
In the next box, click C:\ and click OK, as shown below.
In the next five boxes, click OK.
In the next box, click Extract.
In the next box, click OK.
A Command Prompt box opens, and many messages scroll by, as shown below.
This goes on for about two minutes.
When you see this box, click it and press any key.
The next box says libraries were built correctly, as shown below. Click OK.
In the next box, click OK again.
The next box displays some parameters, as shown below. Click Yes.
You see "The Installation Is Now Complete", as shown below. Click OK, OK, Yes, OK.
The MASM32 Editor opens, as shown below.
Paste in the code below.
.486 ; create 32 bit code
.model flat, stdcall ; 32 bit memory model
option casemap :none ; case sensitive
include \masm32\include\windows.inc ; always first
include \masm32\macros\macros.asm ; MASM support macros
; -----------------------------------------------------------------
; include files that have MASM format prototypes for function calls
; -----------------------------------------------------------------
include \masm32\include\masm32.inc
include \masm32\include\gdi32.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
; ------------------------------------------------
; Library files that have definitions for function
; exports and tested reliable prebuilt code.
; ------------------------------------------------
includelib \masm32\lib\masm32.lib
includelib \masm32\lib\gdi32.lib
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib
.code ; Tell MASM where the code starts
; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««
start: ; The CODE entry point to the program
print chr$("Hello, World!",13,10)
exit
; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««
end start ; Tell MASM where the program ends
From the menu bar, click File, Save.
In the "Save File As..." box, click "Browse Folders".
Navigate to your Documents folder, as shown below. Right-click an empty portion of the folder pane and click New, Folder.
Name the new folder PMA 302.1 and press Enter to open the new folder, as shown below.
Enter a filename of hello.asm, as shown below, and click Save.
From the MASM32 menu bar, click Project, "Console Build All".
A Command Prompt window opens, saying "Press any key to continue...", as shown below.
Press Enter. The Command Prompt window closes.
From the MASM32 menu bar, click File, "Cmd Prompt".
In the Command Prompt, execute this command:
dir
You should see three files, as shown below.
In the Command Prompt, execute this command:
hello.exe
You should see the message "Hello, World!", as shown above.
The lower left of PEiD shows the detected language used to create the program, which is covered by a green box in the image below.
That's the flag.
Paste in the code below.
.386
.model flat, stdcall
option casemap:none
include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib
include \masm32\include\masm32.inc
includelib \masm32\lib\masm32.lib
.data
welcome db "What is your name? ", 0
hello db "Hello ", 0
crlf db 13, 10, 0
buffer db "NAME", 0 ; 5 bytes: 4 characters plus the terminating 0
done db "All Done!", 0
.code
start:
push offset welcome ; Effective address of welcome
call StdOut ; Call console display API
push 100 ; Maximum number of input characters
push offset buffer ; Effective address of buffer
call StdIn ; Call console input API
push offset hello
call StdOut
push offset buffer
call StdOut
push offset crlf
call StdOut
push offset done
call StdOut
exit:
push 0
call ExitProcess
end start
From the menu bar, click File, Save.
In the "Save File As..." box, navigate to your Documents folder. Right-click an empty portion of the folder pane and click New, Folder.
Name the new folder PMA 302.2, and press Enter to open the new folder.
Enter a filename of bufo.asm and click Save.
From the MASM32 menu bar, click Project, "Console Build All".
A Command Prompt window opens, saying "Press any key to continue...".
Press Enter. The Command Prompt window closes.
From the MASM32 menu bar, click File, "Cmd Prompt".
In the Command Prompt, execute this command:
bufo.exe
A message asks "What is your name?" Type SAM and press Enter. The program works correctly for such a short name, as shown below.
Try longer names, such as WALLY and DILBERT. The "All Done!" message is replaced by characters from the end of the name, as shown above.
This is the simplest sort of buffer overflow: leakage from one variable to another.
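The leakage described above can be reproduced in a small C model. This is an added example, not code from the original page: data, read_name, run and buffer_text are hypothetical names, and read_name is a simplified stand-in for the console read (it stores the typed characters and a terminating zero), not MASM32's StdIn.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model of the end of bufo.asm's .data section: buffer db "NAME",0
   (5 bytes) is followed directly by done db "All Done!",0 (10 bytes). */
enum { BUF_OFF = 0, BUF_SIZE = 5, DONE_OFF = BUF_OFF + BUF_SIZE, DATA_SIZE = 15 };
static unsigned char data[DATA_SIZE];

static void reset_data(void) {
    memcpy(data + BUF_OFF, "NAME", 5);         /* 4 characters + NUL */
    memcpy(data + DONE_OFF, "All Done!", 10);  /* 9 characters + NUL */
}

/* Hypothetical stand-in for the console read: stores at most max_len bytes
   (typed characters plus a terminating NUL) starting at buffer. It trusts
   max_len, because a read routine cannot know the real size of the variable. */
static void read_name(const char *typed, size_t max_len) {
    size_t n = strlen(typed);
    if (max_len == 0) return;
    if (n > max_len - 1) n = max_len - 1;      /* leave room for the NUL */
    if (n > DATA_SIZE - 1) n = DATA_SIZE - 1;  /* keep the model inside its array */
    memcpy(data + BUF_OFF, typed, n);
    data[BUF_OFF + n] = 0;
}

/* Runs one session and returns what the final StdOut of "done" would print. */
static const char *run(const char *typed, size_t max_len) {
    reset_data();
    read_name(typed, max_len);
    return (const char *)(data + DONE_OFF);
}

/* What StdOut of "buffer" would print after the last run. */
static const char *buffer_text(void) { return (const char *)(data + BUF_OFF); }

int main(void) {
    const char *names[] = { "SAM", "WALLY", "DILBERT" };
    for (int i = 0; i < 3; i++) {
        /* As on the page: a limit of 100 for a 5-byte variable. */
        printf("limit 100: name=%-8s done=\"%s\"\n", names[i], run(names[i], 100));
        /* Corrected: the limit is the real size of the destination. */
        printf("limit %3d: name=%-8s done=\"%s\"\n", BUF_SIZE, names[i], run(names[i], BUF_SIZE));
    }
    return 0;
}
```

In bufo.asm the equivalent correction is to make the size reserved for buffer and the length pushed before the StdIn call agree.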
In the left pane of PEiD, expand the "SECTION .rdata" container and click "IMPORT Address Table", as shown below.
The right pane shows the functions imported from kernel32.dll. Find the function name covered by a green box in the image below.
That's the flag.