In some recent classes for security from Microsoft's 2805 and 2806 courses, I demonstrated the ability to make a buffer overrun hack. The information on page 11 of the 2805 courseware does not show the appropriate text to really demonstrate the power of the hack.
The demonstration itself originates in Michael Howard's and David LeBlanc's must-read book, Writing Secure Code. In their second edition they begin a wonderful example on page 129 of a stack overrun. On page 135, in order to throw the program flow into the bar function, they use a Perl script named HackOverrun.pl to exploit the issue.
Not being a Perl scripter, I was curious how to make it work in a straight command window environment as originally demonstrated up till this page.
It occurred to me after seeing a friend type their password in with special Unicode characters how to make this work. The secret to strong password security is to take advantage of the extreme number of characters available. Try this at home! Change your password to something like BobIsReallyCool, but before pressing 'Enter' or 'Tab', hold your 'Alt' key down and type on your number keypad 0064 then release your 'Alt' key. You will see the following string, 'BobIsReallyCool@'. By typing in 0064 you referenced the Unicode character '@'. Now try the same password with a 2251 at the end. This time you get 'BobIsReallyCool-'. Of course you have '*' or bullets covering all of the characters, but you get the idea.
So what do we type in to make the StackOverrun demo sound like Charlie Brown? Type the following at the command prompt after the executable file:
ABCDEFGHIJKLMNOPE(Alt+0016)(Alt+0064)
I actually find it rather humorous that the final four letters before the 'Alt' characters spell 'NOPE'.
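An added example, not from this post or from the book: a length-checked copy in C that refuses the input above instead of overrunning the buffer, and counts the non-printable bytes that Alt codes put into an argument. The 10-byte buffer size and the names `copy_arg`, `overrun_bytes` and `count_nonprintable` are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 10 /* assumed buffer size; the post does not state it */

/* Constructed copy of the post's input: 17 letters, Alt+0016 (0x10), Alt+0064 (0x40). */
static const char DEMO_INPUT[] = "ABCDEFGHIJKLMNOPE\x10\x40";

/* Bounded copy: 0 on success; -1 (dst set to "") if src and its NUL do not fit. */
static int copy_arg(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;
    const char *nul = memchr(src, '\0', dst_size); /* look no further than dst_size bytes */
    if (nul == NULL) {
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, (size_t)(nul - src) + 1);
    return 0;
}

/* Bytes an unchecked strcpy() would write beyond a dst_size-byte buffer. */
static size_t overrun_bytes(const char *src, size_t dst_size)
{
    size_t need = strlen(src) + 1;
    return need > dst_size ? need - dst_size : 0;
}

/* Counts bytes outside printable ASCII (0x20..0x7E), e.g. ones typed as Alt codes. */
static size_t count_nonprintable(const char *s)
{
    size_t n = 0;
    for (; *s != '\0'; s++) {
        unsigned char c = (unsigned char)*s;
        if (c < 0x20 || c > 0x7E)
            n++;
    }
    return n;
}

int main(void)
{
    char buf[BUF_SIZE];
    int rc = copy_arg(buf, sizeof buf, DEMO_INPUT);
    printf("copy_arg: %d, overrun avoided: %zu bytes, non-printable bytes: %zu\n",
           rc, overrun_bytes(DEMO_INPUT, sizeof buf), count_nonprintable(DEMO_INPUT));
    return rc == -1 ? 0 : 1;
}
```

A string of exactly `BUF_SIZE` characters is also rejected, because the terminating NUL would be the first byte written past the buffer.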
If you have not picked up the book that Bill Gates refers to as “Required reading at Microsoft”, then get out to your favorite book seller and pick up “Writing Secure Code.” Its ISBN is 07-7356-1722-8.