dEEpEst Posted March 25, 2017 Share Posted March 25, 2017 [HIDE-THANKS]################ #Exploit Title: Linux XFBurn Stack-based Buffer Overflow #Type: CWE-121 #Exploit Author: Hosein Askari (FarazPajohan) #Vendor HomePage: This is the hidden content, please Sign In or Sign Up #Version : 0.5.4 #Tested on: Ubuntu 17.04 #Date: 24-03-2017 #Category: Application #Author Mail : [email protected] #Description: This application isn't checking the return value of fopen() before using it. fopen() is failing here, returning NULL, and then NULL is passed as the stream to fprintf() #resulting Segmentation Fault. ################# The kernel output | dmesg : [ 2963.870884] xfburn[3739]: segfault at 0 ip 00007f1c9255f6f8 sp 00007ffd53ac2e70 error 4 in libc-2.23.so[7f1c924f1000+1bf000] ################# The GDB output: Thread 1 "xfburn" received signal SIGSEGV, Segmentation fault. __GI__IO_fwrite (buf=0x555555584510, size=1, count=40, fp=0x0) at iofwrite.c:37 #################[/HIDE-THANKS] Link to comment Share on other sites More sharing options...
Recommended Posts