Root Cause Analysis – Integer Overflows
Foreword: Over the past few years, Corelan Team has received many exploit-related questions, including “I have found a bug and I don’t seem to control EIP, what can I do?”; “Can you write a tutorial on heap overflows” or “what are Integer overflows”. In this article, Corelan Team member Jason Kratzer (pyoor) tries […]
Root Cause Analysis – Memory Corruption Vulnerabilities
Introduction: For the past year or so I’ve spent a significant amount of time fuzzing various applications with the hopes of identifying exploitable crashes. Early on in my research I quickly realized that building fuzzers and generating large quantities of crashes, even for heavily targeted applications, was easy. However, determining the exploitability of these crashes, […]