game 2 of hackthissite.org’s programming challenge

The directions (you have 30 seconds to upload the code)

“The pixels in the above image are numbered 0..99 for the first row, 100..199 for the second row etc. White pixels represent ascii codes. The ascii code for a particular white pixel is equal to the offset from the last white pixel. For example, the first white pixel at location 65 would represent ascii code 65 (‘A’), the next at location 131 would represent ascii code (131 – 65) = 66 (‘B’) and so on.

The text contained in the image is the answer encoded in Morse, where “a test” would be encoded as “.- / – . … -”"

Sample image:

Solution:

```#!/usr/bin/env python
from PIL import Image

imagefile = Image.open('./PNG.png')

key = {  ".-":"A",
"-...":"B",
"-.-.":"C",
"-..":"D",
".":"E",
"..-.":"F",
"--.":"G",
"....":"H",
"..":"I",
".---":"J",
"-.-":"K",
".-..":"L",
"--":"M",
"-.":"N",
"---":"O",
".--.":"P",
"--.-":"Q",
".-.":"R",
"...":"S",
"-":"T",
"..-":"U",
"...-":"V",
".--":"W",
"-..-":"X",
"-.--":"Y",
"--..":"Z",
".----":"1",
"..---":"2",
"...==":"3",
"....-":"4",
".....":"5",
"-....":"6",
"--...":"7",
"---..":"8",
"----.":"9",
"-----":"0",
}

#width,height = imagefile.size
#print imagedata[0,9]

imagelist = list(imagefile.getdata())

plaintext = ""

lastval = 0
thislettercoded = ""
for i in range(0,len(imagelist)):
#we only care if the spot is white
if imagelist[i] == 1:
thischar = chr(i - lastval)
if thischar == '.' or thischar == '-':
thislettercoded = thislettercoded + thischar
else:
thislettercoded = thislettercoded.strip()
plaintext = plaintext + key[thislettercoded]
thislettercoded = ""
lastval = i

print plaintext
```

## An analysis of a Time Synchronization Protocol

You know, with how much people tout the prism2 chipset, atheros sometimes gets looked over.

https://www.ath9k.org/wiki/UserDocs/MonitorModeInterface

blam.

I mean, it’s got interfaces to act as vaps, to go in rfmon mode…  pretty cool.  I haven’t figured out how to reach the full potential of my prism2.5 card yet though, so I guess I’ll need more experimenting with both

## gcc security tips

Here are some flags that may help vulnerable code from being executed.

-D_FORTIFY_SOURCE=2

This should get rid of some buffer overflows that can be analyzed statically and some obvious ones (strcpying input, format string vulnerabilities).

-fstack-protector-all

From the man page:

Emit extra code to check for buffer overflows, such as stack smashing attacks.  This is done by adding a guard variable to functions with vulnerable objects.  This includes functions that call alloca, and functions with buffers larger than 8 bytes. The guards are initialized when a function is entered and then checked when the function exits.  If a guard check fails, an error message is printed and the program exits.