Archive for the ‘C’ Category

Setup and Use GCC on Windows in 5 Easy Steps

Do you want to be able to compile C, C++, Ada and Fortran programs on Windows without losing time wrestling with a bulk, resource-intensive IDE? You can! The solution is to port the ultra-popular, lightweight GCC (GNU Compiler Collection) often used in *nix systems to Windows via MinGW + Cygwin.

MinGW is the minimalist GNU implementation for Windows.

If you’re like me then by the time you’ve come to the realization that you want to use MinGW and GCC on Windows for coding purposes, you’ve probably already installed it as a dependency of other software you might run, such as Anaconda or along with your Cygwin install (if so, skip to Step 3).

1. Install Cygwin, which provides many Linux commands/libraries to Windows

2. Install MinGW

3. Make sure that MinGW was added to your PATH by typing PATH in a terminal

If not, you can add it through Window’s GUI interface (just type PATH or Environment in Start on Win 7 or 8 and it will come right up as a search result).

4. In a terminal (cmd or PowerShell) go to the directory containing the code you want to compile, i.e.

cd c:\Users\Hackr\coolcode

5. Type the compile command:

g++ hackr.c -o hackr.exe

where -o is indicating your output file.

This also works with compiling multiple files:

g++ hackr.c econometrics.c hadoop.c overflow.c -o hackeconometrics.exe
That’s it!

This should take at least an hour or 2 less time than installing Microsoft’s Visual Studio (though the latter has it’s virtues) or a similar bulky IDE and will give you fewer headaches by avoiding complicating your life with a million unnecessary options and confusing attempts to “help” you build a simple project.


Software Sec: C / C++ Buffer overflows and Robert Morris

Buffer Overflow = any access of a bugger outside of its allotted bounds
  •      over-read or over-write
  •      could be during iteration (running off the end), or direct access (pointer arithmetic)
  •      this is a general definition; some people use more specific definitions of differing types of buffer overflows

A buffer overflow is a bug that affects low-level code, typically C and C++ with significant sec implications

Normally causes a crash, but can be used to:
  • dump/steal information
  • corrupt information
  • run code (payload)
They also share common features with other bugs.
C and C++ are the most popular languages (behind Java) and therefore buffer overflows are a major vuln. C/C++ are heavily used in:
  •      OS Kernels
  •      embedded systems
  •      HPC servers
 First buffer overflow occurred in 1988 by a student named Robert Morris, as part of a self-propagating computer worm that was an attack against fingerd and VAXes (Morris was caught and punished but is now a MIT professor); this worm affected 10% of the Internet
In 2001, CodeRed exploited a buffer overflow in the MS-IIS server, which infected >300,000 machines in 14 hours
In 2003 SQL Slammer worm infected 75,000 machines in 10 minutes by exploiting a buffer overflow in MS-SQL Server
In 2014 a latent buffer overflow bug was found in X11 that had been present over 23 years.



C: Program Structure

A programmer uses comments to document the code. Text that has been “commented” is ignored by the compiler. The largest contributor of the total cost of software is code maintenance, not program development. Adequately commented code can drastically reduce the lifecycle cost of a program. Often, even the programmer who wrote the code forgets details when editing code several months later.

C supports two different formats of comments. The first type starts with a slash asterisk and ends with an asterisk slash; everything in between is ignored by the compiler. There are many implementation of this format used by programmers. A typical program will have a header comment to provide details regarding the entire program as well as comments inserted throughout the program to clarify the programmer’s intent. This is the hello program with comments added.

* Filename:   hello.c
* Programmer: Bob Adams
* Date:  June 8, 1998
* Description: 
* Displays a hello message on screen to user

/* preprocessor directive */
#include <stdio.c>
int main(void) 
   printf("Hello"); /* display  hello on screen */
   return 0;   /* indicates success to OS */



The newer C99 standard implemented the C++ syntax for comments using the double slash //. Everything after the double slash until the end of the line is considered a comment and ignored by the compiler. Below is the program using the newer style of comments. Both styles can be used, sometimes one style is more clear than the other within the code.

// Filename:   hello.c
// Programmer: Bob Adams
// Date:  June 8, 1998
// Description: 
// Displays a hello message on screen to user

// preprocessor directive
#include <stdio.c>
int main(void) 
   printf("Hello"); // display  hello on screen
   return 0;   // indicates success to OS



Source: C Primer Plus, Berkeley C programming class notes

C: 3 basic steps in using C compilers

  1. Creating a project (or makefile) to identify the directories and files to be compiled
  2. Creating a new C program or adding an existing C program to the project
  3. Compiling, linking and executing your program

C: use getch() or a breakpoint to view output

#include <stdio.h>

int main(void) 
   return 0; 



Save the program with a filename of “hello.c”. The program then needs to be compiled, linked and executed. Many compilers allow you to do this in one step but some require a multi-step process. Depending upon the compiler used, you may or may not see a display window with the message “Hello” appear and then disappear. There are several solutions to the disappearing window. The first solution is to insert a command to stop the program before it exits, which would keep the display window open. The two most popular methods are the following:

Option 1: Insert a getch() statement.

#include <stdio.h>
int main( void ) 
  return 0; 



Option 2: Insert a system(“pause”) statement

#include <stdio.h>
int main( void ) 
  return 0; 



C: C v. C++, Object Orientation

C++ graphs object oriented programming* tools to the C language

In the 1990s many companies began using C++ for large programming projects
C++ is a superset of C, any C program is (or almost is) a valid C++ program

*object-oriented programming philosophy attempts to mold the language to fit a problem instead of mold a problem to fit a language

C: Virtues and Shortcoming of C


  • Powerful control structures
  • Fast (and efficient, like an assembly language)
  • Compact code (small programs)
  • Portable (moreso than other languages)
Its design makes it desirable for top-down planning, structured programming and modular design.
C is especially popular for programming embedded systems


  • Use of pointers — errors are hard to trace
  • Can be difficult to follow


C: Dennis Ritchie, history of C

C was created by Dennis Ritchie of Bell Labs in 1972, while Ritchie worked with Ken Thompson on designing Unix.

C was based on Ken Thompson’s language, B.


C: When to use C v. C++

You pick C when

  • you need portable assembler (which is what C is, really) for whatever reason,
  • your platform doesn’t provide C++ (a C compiler is much easier to implement),
  • you need to interact with other languages that can only interact with C (usually the lowest common denominator on any platform) and your code consists of little more than the interface, not making it worth to lay a C interface over C++ code,
  • you hack in an Open Source project (many of which, for various reasons, stick to C),
  • you don’t know C++.

In all other cases you should pick C++.



White & Black box Debuggers, Intelligent Debugging, and Dynamic Analysis

Debugging is a common task for data scientists, programmers, and security experts alike. In good ole RStudio we have a nice, simple built-in white-box debugger. For many analysis-oriented coders, the basic debugging functionality of an IDE like RStudio is all they know and it may be a surprise that debugging is a bigger, much sexier, topic. Below I define and describe key topics in debugging and dynamic analysis, as well as provide links to the most cutting edge free debuggers I use.

Dynamic Analysis: Runtime tracing of a process, usually performed using a debugger. Dynamic Analysis is critical for exploit development, fuzzer assistance, and malware inspection.

Debugger: a program that is used to test and troubleshoot other programs.Intelligent Debugger: a scriptable debugger that supports extended features such as call hooking, such as Immunity Debugger and PyDbg.

White Box Debugger: Debuggers built into IDEs and other dev platforms, which enable developers to trace through source code with a high degree of control, as to aide in the troubleshooting of functions and other code breakages.
Black Box Debugger: Used by bug hunters and reverse engineers, black box debuggers operate on compiled programs when the source code is not available and the only information is available in a disassembled format. There are two broad subclasses of black box debuggers, which are user mode (i.e. ring 3) and kernel mode (i.e. ring 0).
User mode black box debugger: a processor mode under which your applications run, usually with the least amount of privilege (e.g. double clicking PuTTY.exe launches a user-mode process).
Kernel mode black box debugger: a processor mode where the core of the OS runs using the highest amount of privilege (e.g. capturing packets with a network adapter that is in passive mode).
User-mode Debuggers Commonly used among Reverse Engineers
WinDbg by Microsoft
OllyDbg by Oleh Yuschuk, a F.O.S.S. debugger
GNU Debugger (gdb), a F.O.S.S. Linux debugger by the community