
Format string kungfu via GOT table overwrite


Uploaded on Nov 29, 2007

This C source code has a few bugs, but only one method provides easy exploitation on Linux. The exploit overwrites a Global Offset Table entry for a networking socket call by abusing printf. Our payload is injected in a specially crafted form so that it still executes properly despite the manipulation of the data. The payload executes the 'id' command in the context of the running server. Shellcode size restrictions were a factor, because your data gets overwritten with zeros. It takes some hacking kungfu... watch and learn :-)

Problem Source Code:
http://pastebin.com/vGGPZgSq

Solution Source Code:
http://pastebin.com/1cDUSRng
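
The printf misuse that this class of bug depends on, next to the corrected call, as an added example (it is not the code behind the pastebin links or shown in the video). The function names and the sample input are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample standing in for bytes received from a client.
 * It contains the two-character sequence "%%". */
static const char SAMPLE_INPUT[] = "disk 100%% full";

#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-security"
#pragma GCC diagnostic ignored "-Wformat-nonliteral"
/* Vulnerable pattern: client data is used as the format string itself,
 * so every '%' sequence in it is interpreted by the printf family. */
int reply_vulnerable(char *out, size_t n, const char *client_data)
{
    return snprintf(out, n, client_data);
}
#pragma GCC diagnostic pop

/* Hardened pattern: constant format string, client data passed only
 * as an argument, so it is copied verbatim and never parsed. */
int reply_hardened(char *out, size_t n, const char *client_data)
{
    return snprintf(out, n, "%s", client_data);
}

/* Returns 1 when the two handlers disagree, which means the input
 * was parsed as a format string by the vulnerable handler. */
int input_was_interpreted(const char *client_data)
{
    char a[128], b[128];
    reply_vulnerable(a, sizeof a, client_data);
    reply_hardened(b, sizeof b, client_data);
    return strcmp(a, b) != 0;
}

int main(void)
{
    char buf[128];
    reply_vulnerable(buf, sizeof buf, SAMPLE_INPUT);
    printf("vulnerable: %s\n", buf);   /* "%%" collapsed to "%" */
    reply_hardened(buf, sizeof buf, SAMPLE_INPUT);
    printf("hardened:   %s\n", buf);   /* input echoed unchanged */
    return 0;
}
```

GCC reports the vulnerable call under `-Wformat-security`, and `-Werror=format-security` turns it into a build failure, which is why the example silences that warning around it.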

Uploader Comments (khermans)

  • This was my solution to the CEPT final hands-on exam back in 2007. I don't think they use this example any longer so it should be OK to share my solution publicly.

  • that is bull shit...

    cause: anybody can see anything...

  • @LagartoNET303030 Use HD mode!

  • foo?


All Comments (4)

  • I can't see anything ;/
