Re: CSR: Exploitation Challenge
supers0nic_at_redwhitearmy.com
Date: 07/20/05
- Previous message: SPI Labs: "Stack-Based Buffer Overflow in Sybase EAServer 4.2.5 to 5.2"
- Maybe in reply to: Steven Hill: "CSR: Exploitation Challenge"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 20 Jul 2005 01:19:02 -0000 To: vuln-dev@securityfocus.com('binary' encoding is not supported, stored as-is) Is it really possible? I compiled it, and for ex, looking for the address of printf. However gdb said:
gdb> p printf
$2 = {<text variable, no debug info>} 0xb7e93758 <printf>
gdb>
actually its address varies according to the application even if it's dynamically linked. Or am I missing a point?
If this binary is accessible through gdb, it means I already have shell access and it's somewhat meaningless...
- Previous message: SPI Labs: "Stack-Based Buffer Overflow in Sybase EAServer 4.2.5 to 5.2"
- Maybe in reply to: Steven Hill: "CSR: Exploitation Challenge"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
