-
Notifications
You must be signed in to change notification settings - Fork 147
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Using 'crash' file to exploit BoF #7
Comments
You'll need to modify three files:
You'll need to add a detection strategy for identifying file open operations.
In the checkOverflow function, you will need to add a
Your check will likely look something like:
And you'll do pretty much the same in
If you send the challenge I'd be happy to add these changes. |
Hi! Here you have a simple parser of files with a buffer overflow vulnerability create a fille called file.c with the following contents: #include using namespace std; //int main() { int main(int argc, char* argv[])
} You can compile with the following commands: g++ file.c -o file Now, create a file called "myfile.txt" with more than 10 chars petar@ubuntu:~/Desktop$ cat myfile.txt To exploit: ./file myfile.txt |
Assuming an application that performs reading of files as example, how could it be analyzed with Zerotool using the 'crash' file to exploit the buffer overflow?
Example: filereadapp /dir/mycrashfileBoF.png
Thanks!
The text was updated successfully, but these errors were encountered: