Untitled

a guest
May 24th, 2017
4. The “achievement unlocked” function is referenced at address 0x061CC2C. The array of function pointers is located at 0x0402094. The difference between these is 0x21AB98.
Providing input of 0x21AB98/4 as decimal (551654) causes the program to jump to the address at [0x0402094 + 4 × 551654], which points to the “achievement unlocked” function. This demonstrates the atoi vulnerability by jumping to code that would otherwise be inaccessible.
We attempted to exploit the gets vulnerability by inserting a value of 128 ‘a’ bytes to fill the buffer, another 12 to overwrite other stack values, the ebp and the eip, and finally our desired return address. (We were able to work out the additional buffer space required by examining the general-register addresses in IDA whilst debugging.)
Although we were unable to exploit this vulnerability, we could see that the vulnerability existed, as any input longer than 128 bytes caused the program to behave in an undesirable way or to crash.
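The two weaknesses described above (an atoi() result used as an unchecked index into the function-pointer table, and a gets() into a 128-byte stack buffer) are easiest to reason about side by side with their fixes. The following C program is an added example, not code from the original write-up or from the target binary: it reproduces only the address arithmetic already given above, and shows a bounds-checked dispatch and a bounded line copy in place of the two unsafe calls. The table address, the target address and the 4-byte pointer size are taken from the write-up's 32-bit binary; the handler functions and the function names are hypothetical.

```c
/* Added example (not the original write-up's code): a small request handler
 * that mirrors the two weaknesses described above, an unchecked atoi() index
 * into a function-pointer table and an unbounded gets() into a 128-byte
 * buffer, beside a hardened version of each step. The table address, the
 * target address and the 4-byte pointer size come from the write-up's 32-bit
 * binary; the handlers and function names here are hypothetical. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define TABLE_BASE   0x0402094L   /* function-pointer array address (from the write-up) */
#define TARGET_FUNC  0x061CC2CL   /* "achievement unlocked" function (from the write-up) */
#define POINTER_SIZE 4L           /* 32-bit target: one pointer every 4 bytes */
#define BUF_SIZE     128          /* stack buffer size named in the write-up */

typedef int (*handler_t)(void);
static int handler_a(void) { return 1; }
static int handler_b(void) { return 2; }
static int handler_c(void) { return 3; }
static handler_t table[] = { handler_a, handler_b, handler_c };
#define TABLE_LEN ((long)(sizeof table / sizeof table[0]))

/* Weak step 1: atoi() has no failure mode, so any integer becomes an index and
 * the program fetches a pointer from table_base + 4*index, wherever that lands.
 * Only the address arithmetic is reproduced here; nothing is called through it. */
long unchecked_target_address(const char *input)
{
    int idx = atoi(input);
    return TABLE_BASE + POINTER_SIZE * (long)idx;
}

/* Hardened step 1: strict parse, then reject junk, negatives and anything
 * at or past the end of the table before the pointer is ever read.
 * Returns the handler's result, or -2 for a rejected index. */
int safe_dispatch(const char *input)
{
    char *end;
    long idx;
    errno = 0;
    idx = strtol(input, &end, 10);
    if (end == input || *end != '\0' || errno == ERANGE) return -2;
    if (idx < 0 || idx >= TABLE_LEN) return -2;
    return table[idx]();
}

/* Hardened step 2: the replacement for gets(). Refuses input that would not
 * fit in the buffer instead of writing past it into the saved ebp and eip. */
int copy_line_bounded(const char *line, char *buf, size_t cap)
{
    size_t n = strlen(line);
    if (n >= cap) return -1;           /* would overflow: reject, never truncate silently */
    memcpy(buf, line, n + 1);
    return 0;
}

/* Full hardened path: bounded copy into the 128-byte buffer, then
 * bounds-checked dispatch. -1 = oversized input, -2 = bad index. */
int handle_request(const char *line)
{
    char buf[BUF_SIZE];
    if (copy_line_bounded(line, buf, sizeof buf) != 0) return -1;
    return safe_dispatch(buf);
}

/* Constructed sample input: 140 'a' bytes, longer than the 128-byte buffer. */
const char *oversized_input(void)
{
    static char s[141];
    memset(s, 'a', 140);
    s[140] = '\0';
    return s;
}

int main(void)
{
    printf("atoi index 551654 -> 0x%lx (target 0x%lx)\n",
           unchecked_target_address("551654"), (long)TARGET_FUNC);
    printf("safe_dispatch(\"1\") = %d\n", safe_dispatch("1"));
    printf("safe_dispatch(\"551654\") = %d\n", safe_dispatch("551654"));
    printf("handle_request(oversized) = %d\n", handle_request(oversized_input()));
    return 0;
}
```

The point of `safe_dispatch` is that the check happens on the parsed integer before any table read: `atoi` returns 0 for garbage and silently accepts out-of-range values, whereas `strtol` with an end-pointer and an explicit range test gives the program a way to say no. `copy_line_bounded` rejects rather than truncates so that an over-long line is visible as an error instead of becoming a silently shortened command.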