peach | Corelan Cybersecurity Research

Root Cause Analysis – Integer Overflows

Published July 2, 2013 |

Foreword Over the past few years, Corelan Team has received many exploit related questions, including “I have found a bug and I don’t seem to control EIP, what can I do ?”; “Can you write a tutorial on heap overflows” or “what are Integer overflows”. In this article, Corelan Team member Jason Kratzer (pyoor) tries […]

Posted in Exploit Writing Tutorials, Root Cause Analysis | Tagged !exploitable, determine exploitability, fake chunk, freelist, freelist[0] insert atttack, freelist[0] search atttack, fuzzing, fwptr, gom player, heap, heap overflow, heapbase, integer overflow, lal head, lookasidelist, mona.py, mp4, msec.dll, peach, qt, root cause analysis, windbg

Root Cause Analysis – Memory Corruption Vulnerabilities

Published February 26, 2013 |

By Corelan Team (Jason Kratzer)

Introduction For the past year or so I’ve spent a significant amount of time fuzzing various applications with the hopes of identifying exploitable crashes. Early on in my research I quickly realized that building fuzzers and generating large quantities of crashes, even for heavily targeted applications, was easy. However, determining the exploitability of these crashes, […]

Posted in Exploit Writing Tutorials, Exploits, Fuzzing, Root Cause Analysis | Tagged !exploitable, 4byte, arbitrary write, binary-editor, bitmap, corelan, corruption, determine, exploitability, freelist, fuzzing, heap, kmplayer, kmplayer-corelan-team, mona, msec, peach, pit, race condition, windbg

Corelan Cybersecurity Research

:: Knowledge is not an object, it's a flow ::

Root Cause Analysis – Integer Overflows

Root Cause Analysis – Memory Corruption Vulnerabilities

Corelan Training

Donate

Corelan Team Merchandise

Corelan on Slack

Actions

Categories

Hi there!

We have good news for you!