Research and Development

A follow up presentation to show more in-depth format string exploitation techniques.


This presentation covers a method for exploiting format string vulnerabilities which is compared to techniques used for exploiting heap smashes. It does not not cover the basics of the vulnerability because these seem ten a panny.


Much work has been written about covering the underlying principles of format strings but not much seemed to be written concerning this specific technique. More over is was written to push forward a method and library that can be used to optimise format strings to fit into smaller buffer spaces.

Request to be added to the Portcullis Labs newsletter

We will email you whenever a new tool, or post is added to the site.

Your Name (required)

Your Email (required)