Format String Vulnerability Topics Format String Page 1
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Format String Vulnerability
Topics
Format String Page 1
Format String
Format String Page 2
Function with Varying Length of Arguments
Format String Page 3
How Format String Works
Format String Page 4
prinftf() with missing arguments
Format String Page 5
A Vulnerable Program
Format Parameters
Format String Page 6
Crash the Program
Format String Page 7
Print out Secret Value Question: How to print out some secret valued stored on the stack?Question: How to print out a secret string stored at address 0xaabbccdd?
Format String Page 8
Modify MemoryQuestion: How to modify the data stored on the stack? Question: How to modify the data stored at address 0xaabbccdd?
Format String Page 9
Modify Memory with Specific ValueQuestion: How to modify the data stored at address 0xaabbccdd with value 0x23a402bc?
Format String Page 10
Code Injection
Question: How to use format string vulnerability to jump to injected shellcode?
Format String Page 11
Related Documents
![Dates in Oracle - Laurentian · • To_Char converts an Oracle date into a character string To_Char(date[,’format’[,’NLSparameters’]])) To_Date(string[,’format’[,’NLSparameters]]))](https://static.cupdf.com/doc/110x72/6052475016e3d71cc60720d6/dates-in-oracle-a-tochar-converts-an-oracle-date-into-a-character-string-tochardateaformataanlsparametersa.jpg)
