Format String Vulnerability

On By MuttiIn Random, Shellcode

Introduction

Some simple tips/pointers on the interesting topic of format string vulnerabilities.

Basics

Most commonly associated with c/c++ and printf family of function calls.

Yes, you can read values of the stack using %p modifier and write to memory locations using %n.

Challenges

Get some practice exploiting format string vulnerabilities over at https://exploit-exercises.com/protostar/format0/

Tutorials

Very straight forward examples – http://codearcana.com/posts/2013/05/02/introduction-to-format-string-exploits.html

Thank you

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s