While viewing Slate.com for the inagural “You Need To Learn How To Program” event, I spotted an ad for DSD seeking job applicants.
I then did what any keen eyed person would do and Googled the string of code to see what it meant.
The number #1 result was a site called TUCUXI who also witnessed the ad and wrote the following synopsis concerning it!
On first inspection, running the decoded string through a hexdump, my first assumption was that it was some sort of encrypted message, with the 00 bytes signifying some sort of delimiter – judging by eye, it was roughly 64 bytes for the middle segment of the message, and perhaps the final 4 bytes were some sort of checksum. The distribution didn’t quite seem right for an encrypted message, though.. in fact, some of the pairs of bytes seemed a bit familiar. Then I twigged. x86 assembly!
The next part of the code is pretty straightforward – from position (5 + 0x1E), or 0x23 onwards, it uses the opcodes from position 5 onwards as a simple xor key – continuing until the memory at n and n+0x1E match. Because the encoded data overlaps with the start of the encoded string, you can’t just offset the data by 0x1E and look for matches; you must compare the already-xor’ed data in memory with the eventual value. The loop ends up terminating at offset 0x45, with value 0x3A, and then calls int 0x03 to generate a breakpoint, and presumably let you see the memory in whatever debugger they expect you to be using..
It’s a cute strategy, but ultimately ineffective – who wants to work in Canberra for below-average pay? Anyone who knows their stuff in IT security is going to want a hell of a lot more than 91k a year. Even if they do get to write a bit of assembly for job ads.
Take Away Conclusion
*facepalm* to DSD Marketing.
Author: brad forster