A follow up presentation to show more in-depth format string exploitation techniques.
This presentation covers a method for exploiting format string vulnerabilities which is compared to techniques used for exploiting heap smashes. It does not not cover the basics of the vulnerability because these seem ten a panny.
Much work has been written about covering the underlying principles of format strings but not much seemed to be written concerning this specific technique. More over is was written to push forward a method and library that can be used to optimise format strings to fit into smaller buffer spaces.
April 26, 2013
MD5 hash: e3fd1fbc64fe67b056a9001987bfc5ea
|Date:||April 26, 2013|