Does flooding with bytes cause buffer overflow? [closed]
If I flood a C program with bytes can I cause buffer overflow, or is there other stuff I have to take into account?
In web apps there are vulnerabilities like SQLi or XSS and many more. I heard that for hackers to hack a computer they have to find a vulnerability in software that is running on an open port.
What are the names of software vulnerabili… Continue reading What are the names of software vulnerabilities? [closed]
I’m trying to put together a ROP chain. I’m looking for a gadget to do the following:
mov rdi, rdx ; mov rbp, rsp ; ret;
But instead, I have a gadget like this :
mov rdi, rdx ; mov rbp, rsp ; jmp 0x8109b3f7
So, I thought maybe I c… Continue reading How to use "jmp" in ROP
I am attempting to disable DEP on a program that will be used in a demonstration of how a basic buffer overflow works.
The application is a C++ app written in Visual Studio and I am running into sections of the program (particularly where… Continue reading How many actions do you need to take to disable DEP
My ROP exploit crashes with a segmentation fault for an unknown reason.
This is the vulnerable code (compiled via the command gcc h2.c -no-pie -fno-stack-protector -m32 -o h2):
#include <stdio.h>
#include <string.h>
#includ… Continue reading Cannot build a ROP chain
While trying to solve an old CTF task (https://blog.frizn.fr/plaidctf-2013/pwn-400-servr) I’ve encountered a situation which I don’t understand.
TL;DR
After escalating process privileges my exploit invokes system("/bin/sh"). Th… Continue reading Kernel exploit fails after executing first command
I have been doing 32bit buffer overflows for some time and I decided to try some 64bit overflows, to explore some more realistic scenarios. I have compiled my code with gcc -fno-stack-protector -z execstack -no-pie overflow.c… Continue reading 64bit buffer overflow fails with SIGILL, cannot understand the reason
I was wondering if there is a way to backdoor live boot of a Linux distro. I know about initrd backdooring but I am curious if there are other ways.
Though there are answers for questions with the same topics, this issue has not been addressed before. I’ve gone through those posts as well.
I’m trying to learn about exploit writing. I’m a beginner. However I cannot observe my progr… Continue reading Unable to Overwrite EIP in Immunity
I’m currently working on the following CTF exercise (x64 version), where the objective is to overwrite a pointer stored on the heap to control the write address of strcpy():
https://exploit.education/phoenix/heap-one/