Archive for February 2012

Pointer Subterfuge – Postmortem?

  • Post Info:
      # Author: Flavio do Carmo Junior aka waKKu
      # URL: Author’s Webpage
      # Date: February 01, 2012
      # Category: Exploiting, Programming, Security

    As I said in my last two posts…

    I would be writing 3 quick and quite straightforward posts this week.
    All (partially) inspired by this video: http://www.youtube.com/watch?v=i2fhNVQPb5I (I am a C Programmer) and regarding stack overflows.

    – 1) Signedness bug
    – 2) Widthness overflow
    – 3) Pointer Subterfuge

    Nothing new, I suppose; however, as usual, I look forward to demystifying them completely. Therefore, if you have any doubts about any of these bugs, please feel free to comment, elaborate on my explanation or even curse me for my mistakes.
    All code will be compiled for 32 bits, just because I think it is easier to understand and to test using VMs.

    Consequently, here is the third post.

    3) Pointer Subterfuge

    Overview
    – Pointer Subterfuge is a bit different from the other 2 posts. It is not so much a vulnerability as an exploitation “technique”. We usually call it pointer subterfuge when an attacker overwrites a function pointer instead of a return address and, somehow, manages to get this function pointer called/executed.
    Let me show you some code:
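The post's own listing is not part of this excerpt. As an added illustration (not the author's code), the C sketch below shows why a buffer placed directly in front of a function pointer is the pattern to look for, and how a bounded copy plus a check of the pointer before the indirect call contains it. The `struct session` layout, the function names and the all-'A' input are constructed for this example.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

typedef void (*handler_t)(void);
static void greet(void) { puts("done"); }

/* Constructed layout: a fixed buffer with a function pointer right behind it. */
struct session {
    char      name[16];
    handler_t on_done;
};

/* Models the unchecked copy: len is trusted, so bytes past name[] land in
 * on_done. The copy targets the whole struct and is capped at its size so
 * the demo itself never writes outside one object. */
static void set_name_unchecked(struct session *s, const void *src, size_t len) {
    if (len > sizeof *s) len = sizeof *s;
    memcpy((unsigned char *)s, src, len);
}

/* Hardened copy: refuse anything that does not fit name[] plus its NUL. */
static int set_name_checked(struct session *s, const void *src, size_t len) {
    if (len >= sizeof s->name) return -1;
    memcpy(s->name, src, len);
    s->name[len] = '\0';
    return 0;
}

/* Second layer: make the indirect call only if the pointer is an expected target. */
static int call_if_trusted(const struct session *s) {
    if (s->on_done != greet) return -1;   /* pointer no longer matches: refuse */
    s->on_done();
    return 0;
}

/* Runs one scenario on constructed input: sizeof(struct session) 'A' bytes. */
static int run(int hardened) {
    struct session s = { "", greet };
    unsigned char input[sizeof(struct session)];
    memset(input, 'A', sizeof input);
    if (hardened) (void)set_name_checked(&s, input, sizeof input);
    else          set_name_unchecked(&s, input, sizeof input);
    return call_if_trusted(&s);           /* 0 = handler ran, -1 = refused */
}

int main(void) {
    printf("unchecked: %d, hardened: %d\n", run(0), run(1));
    return 0;
}
```

In the unchecked run the handler field no longer equals `greet`, so the call is refused; in the hardened run the oversized input is rejected and the original handler runs.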

    Posted February 1, 2012 by waKKu in Exploiting, Programming, Security