Hacking for Grades
No, I'm not doing anything illegal. I am taking a class called Introduction to Computer Security. It's not a topic that I enjoy very much or that I'm good at, but I believe it's essential in order to be a good programmer.
As part of my first homework, I had to attack a badly written version control system in order to gain access to a shell (that interface to your computer that is just a command line) as root (which means I get top privileges and can modify the system even if I was not allowed to initially).
The most interesting exploit to do was a buffer overflow. It was also the toughest. Basically, this type of attack tries to store a very long piece of code in a section of memory that is smaller than the code itself. Since the code doesn't fit, the computer ends up overwriting other sections of memory when it stores it. The fun part is that with this type of attack you can make the victim code jump to your own code and execute whatever you want. It's tricky, but it's possible.
After I was done with this assignment, I at least realized that I don't have zero security skills. Looks like the class is worth it!
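To make the overwrite described above concrete, here is an added example (not code from the assignment or from the original post). It models a 16-byte buffer with a saved return address next to it as one flat array, then compares an unchecked copy with a length-checked one; the layout, names and sample input are all assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#define BUF_SIZE 16   /* bytes the program reserved for the input */
#define RET_SIZE 8    /* simulated saved return address next to it */

/* Simulated stack frame: one flat array, so a write past the buffer is
   well-defined here and only touches the simulated return slot. */
typedef struct { unsigned char mem[BUF_SIZE + RET_SIZE]; } frame_t;
static const unsigned char SAVED_RET[RET_SIZE] = {0x10, 0x20, 0x30, 0x40, 0, 0, 0, 0};

static void frame_init(frame_t *f) {
    memset(f->mem, 0, BUF_SIZE);
    memcpy(f->mem + BUF_SIZE, SAVED_RET, RET_SIZE);
}

/* 1 if the simulated return address still holds its original value. */
static int ret_intact(const frame_t *f) {
    return memcmp(f->mem + BUF_SIZE, SAVED_RET, RET_SIZE) == 0;
}

/* Unchecked copy: trusts the caller's length, as strcpy() trusts its input.
   (Clamped to the simulated frame only so the demo itself stays in bounds.) */
static void copy_unchecked(frame_t *f, const unsigned char *in, size_t len) {
    if (len > sizeof f->mem) len = sizeof f->mem;
    memcpy(f->mem, in, len);
}

/* Checked copy: refuses input that does not fit. Returns 0 on success. */
static int copy_checked(frame_t *f, const unsigned char *in, size_t len) {
    if (len > BUF_SIZE) return -1;
    memcpy(f->mem, in, len);
    return 0;
}

/* Copy a constructed 24-byte input; report whether the return slot survived. */
int survives(int checked) {
    unsigned char input[BUF_SIZE + RET_SIZE];
    frame_t f;
    memset(input, 'A', sizeof input);   /* constructed sample input */
    frame_init(&f);
    if (checked) copy_checked(&f, input, sizeof input);
    else copy_unchecked(&f, input, sizeof input);
    return ret_intact(&f);
}

int main(void) {
    printf("unchecked: intact=%d, checked: intact=%d\n", survives(0), survives(1));
    return 0;
}
```

The length check in copy_checked is the whole fix: the oversized input is rejected before any byte reaches the buffer, so the neighbouring value is never touched.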
Comments
Hey that sounds pretty fun! And I thought security was completely uninteresting...
Posted by: Lidia Noemà | October 1, 2008 10:11 PM