bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/linux/local/1831.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

16 lines
No EOL
685 B
Text
Raw Blame History

# tiffsplit (libtiff <= 3.8.2) local stack buffer overflow PoC
tiffsplit from libtiff (http://www.remotesensing.org/libtiff/)
is vulnerable to a bss-based and stack-based overflow, but, I just
wrote the concept c0de for stack-based b0f 'cause I don't know how
to take advantage of the overwritten bss data (after the overflow,
that data is overwritten again correctly by a program' function).
.bss section is in higher addresses than .dtors section, so, we
can't hijack .dtors to....
PoC: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/1831.tar.gz (05262006-tiffspl33t.tar.gz)
nitr0us <nitrousenador[at]gmail[dot]com>
# milw0rm.com [2006-05-26]
Reference in a new issue View git blame Copy permalink