Collaborate Disseminate
ROP usually uses a buffer overflow to overwrite the x86 return address. However, ARM stores that in a register. What is the effect of this on return-oriented programming attacks on non-x86 architectures?
On x86, the CALL instruction pushes… Continue reading How much do ARM-like link registers make return-oriented programming harder?
ROP usually uses a buffer overflow to overwrite the x86 return address. However, ARM stores that in a register. What is the effect of this on return-oriented programming attacks on non-x86 architectures?
On x86, the CALL instruction pushes… Continue reading How much do ARM-like link registers make return-oriented programming harder?
I’m working on some pwn.college binary exploitation challenges.
ASLR is disable, stack is executable and there is no canary.
I’m not understanding one thing.
I have my shellcode which open the flag file and prints the content to stdout and… Continue reading May read() syscall not set first bytes of a buffer?
I admit that I don’t fully understand how buffer overflow attacks works, but as far I understand, the attacker send an input that is longer than the section of memory that is supposed to temporarily store it so it overruns other parts of t… Continue reading Can buffer overflow attacks become impossible?
I’m working on a security challenge involving a buffer overflow vulnerability, but I’m having trouble affecting a variable in the parent function. Here’s a simplified version of the code:
#include <stdio.h>
#include <malloc.h>
… Continue reading Buffer Overflow Not Setting Variable in Parent Function
Consider the following simple C program that asks the user for to input their user name and password in order to get access to some website. (The correct username is supposed to be "admin" and the password is a secret random numb… Continue reading How to do a bufferoverflow attack for a simple C program?
Consider the following simple C program that asks the user for to input their user name and password in order to get access to some website. (The correct username is supposed to be "admin" and the password is some secret random n… Continue reading How to use buffer overflows via pwntools on an ELF?
I’ve been diving into the world of buffer overflow vulnerabilities and their exploitation, which has been both challenging and fascinating. However, I’ve recently hit a mental roadblock and would love to get your insights.
With modern oper… Continue reading Given extensive protections in modern operating systems that make buffer overflow exploits unfeasible, should I even bother studying these?
Is it possible that if an attacker sends an abnormally large packet to a WiFi / Ethernet card of a computer, it will write past the buffer of the onboard memory and into other areas? Like maybe the DMA descriptors for DMA requests or even … Continue reading Recieve buffer overflow on WiFi/Ethernet card
I am trying to test this example from StackOverflow (how-can-i-invoke-buffer-overflow), but I am not having success.
I also asked for clarification two weeks ago, directly on the post (through a comment) but there was still no answer (per… Continue reading How do I successfully test this trivial buffer overflow written in C? [migrated]