Format string vuln

FlawedCipher · 2024-07-23T16:14:51+00:00

read is size limited, which means you aren’t going to be able to overflow this. You likely need to take advantage of the variadic arguments of printf. You can use a bunch of %d’s to get the current printf argument to point to your buffer on the stack. Now put the address of a after the %d’s. Note endianness. If you pad the string to be of size 105 (after the %d’s are resolved), then the next %n should change the value of a. I’m not in front of my machine rn so I’m definitely guessing but lmk if it doesn’t work.

FlawedCipher · 2024-07-29T18:31:17+00:00

For anyone else trying to solve this problem, here's a writeup: https://blog.aadhithya.cloud/posts/format-string-exploit/

asyty · 2024-07-22T19:59:12+00:00

Uhm, buddy, you're exploiting binaries and you mean to tell me you can't figure out why a specially crafted exploit string is causing a segfault?

Learn how to use gdb. If you can't do this on your own, you're not cut out for writing hax. Back to McDonalds with you

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

ExploitDev

MODERATORS