exploit Questions
7
Solved
void function(int a, int b, int c) {
char buffer1[5];
char buffer2[10];
int *ret;
ret = buffer1 + 12;
(*ret) += 8;//why is it 8??
}
void main() {
int x;
x = 0;
function(1,2,3);
x = 1;
...
Gog asked 30/3, 2010 at 8:23
6
Solved
I want to analyze a stream object in a PDF file which is encoded using /FlateDecode.
Are there any tools which allow one to decode such encoding (ASCII85Decode, LZWDecode, RunLengthDecode etc.) us...
Arondell asked 17/1, 2015 at 9:11
3
Solved
With regard to the Log4j JNDI remote code execution vulnerability that has been identified as CVE-2021-44228 (also see references), I wondered if Log4j-v1.2 is also impacted, but the closest I got ...
2
We are using wildfly 10 and 16 in production and a zero-day exploit (CVE-2021-44228) exists for log4j for some versions.
How can I be sure that none of the code and libraries use a log4j lib that has...
3
I have a binary I've been trying to fuzz with AFL. The only thing is AFL only fuzzes STDIN and file inputs, and this binary takes input through its arguments: pass_read [input1] [input2]. I was wond...
Alvinaalvine asked 25/7, 2020 at 16:42
5
Solved
I 'waddled' by the Console in Chrome on Facebook today.
Surprisingly I got this message in the console.
Now my question is: How is this possible?
I know that there are a few 'exploit' methods for...
Advisory asked 3/3, 2014 at 19:45
0
If any of you are familiar with the basics of exploit development, you know that when you exploit a potential buffer overflow, normally to find the offset of your buffer that "clobbered" ...
7
Solved
WARNING: This is an exploit. Do not execute this code.
//shellcode.c
char shellcode[] =
"\x31\xc0\x31\xdb\xb0\x17\xcd\x80"
"\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b"
"\...
5
I've been working on some exploit development recently to get ready for a training course, and I've run into a problem with a tutorial. I've been following along with all the tutorials I can find, ...
3
Solved
I'm now reading the "Hacking - The Art of Exploitation" book.
This is my simplified version of a code for exploiting format-strings.
/* fmt_vuln.c */
#include <stdio.h>
#include <stdlib...
Mauritius asked 28/10, 2015 at 7:25
3
Solved
I have some sample code from a shell code payload showing a for loop and using push/pop to set the counter:
push 9
pop ecx
Why can it not just use mov?
mov ecx, 9
2
Solved
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <sys/types.h>
#include <stdio.h>
int main(int argc, char **argv, char **envp)
{
gid_t gid;
uid_...
Sech asked 29/11, 2011 at 0:46
1
Solved
I started studying software security, and I'm having trouble getting what buffer overflow attack and ROP attack are.
From what I understand,
Buffer overflow attack:
When a buffer has a cer...
Normally asked 8/6, 2019 at 18:4
1
I am attempting to exploit the meltdown security flaw on Ubuntu 16.04, with an unpatched kernel 4.8.0-36 on an Intel Core-i5 4300M CPU.
First, I am storing the secret data at an address in kernel ...
Desertion asked 30/3, 2019 at 11:45
3
Solved
Can I safely use user data when redirecting to an url on my own domain?
Assume that I own example.com. If normal usage of my app would require me to redirect users to urls like this at times, is t...
Gratitude asked 28/2, 2019 at 16:12
1
Solved
We have a REST API for querying records in a MongoDB. Very simple, something along the following:
GET /api/items?q=foo
During development, it was convenient to allow regular expressions as the q...
Centavo asked 9/10, 2018 at 16:5
2
Solved
I recently read this article http://codearcana.com/posts/2012/05/06/securing-and-exploiting-go-binaries.html
which claims in Go that the heap is executable. This raises a few different questions fo...
Globin asked 25/9, 2018 at 2:33
12
Solved
If yes, why are there still so many successful SQL injections? Just because some developers do not use parameterized statements?
Josefajosefina asked 22/7, 2011 at 5:31
7
Solved
I usually do not have difficulty reading JavaScript code, but for this one I can’t figure out the logic. The code is from an exploit that was published 4 days ago. You can find it at milw0rm.
...
Overcrop asked 19/12, 2008 at 14:56
0
1
I have an assignment to send a pickle file to a server which unpickles anything sent to it. My plan is to have it email me back the ls command printed out. I have this file:
import smtplib
import ...
1
Solved
I have been following a few tutorials on buffer overflow exploitation. But my problem is that I am not able to open a root shell; I will always get a normal user shell instead. I have checked the f...
Allow asked 16/10, 2017 at 20:57
1
Solved
I am new to Buffer Overflow exploits and I started with a simple C program.
Code
#include <stdio.h>
#include <strings.h>
void execs(void){
printf("yay!!");
}
void return_i...
Chefoo asked 10/6, 2017 at 4:2
6
Solved
I have a flex application that needs the ability to generate and execute JavaScript. When I say this, I mean I need to execute raw JavaScript that I create in my Flex application (not just an exist...
Benzene asked 21/8, 2008 at 16:55
6
Solved
I'm trying to teach myself about buffer overflows and exploitation in C++. I'm an intermediate C++ guy, at best, so bear with me. I've followed a few tutorials, but here's some example code to illu...