Questions tagged [exploit]

An exploit is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug, glitch, or vulnerability in order to cause unintended or unanticipated behavior to occur. This frequently includes such things as gaining control of a computer system, allowing privilege escalation, or a denial-of-service attack.

790 questions
147
votes
7 answers

How does this milw0rm heap spraying exploit work?

I usually do not have difficulty reading JavaScript code but for this one I can’t figure out the logic. The code is from an exploit that was published 4 days ago. You can find it at milw0rm. Here is the code:
Patrick Desjardins
  • 136,852
  • 88
  • 292
  • 341
110
votes
5 answers

How do I create formatted javascript console log messages

I 'waddled' by the Console in Chrome on Facebook today. Surprisingly I got this message in the console. Now my question is: How is this possible? I know that there are a few 'exploit' methods for the console, but how can you make such font…
Anders Kjeldsen
  • 1,224
  • 2
  • 10
  • 14
93
votes
12 answers

Can parameterized statement stop all SQL injection?

If yes, why are there still so many successful SQL injections? Just because some developers do not use parameterized statements?
iceagle
  • 1,507
  • 2
  • 13
  • 13
61
votes
3 answers

Log4j vulnerability - Is Log4j 1.2.17 vulnerable (was unable to find any JNDI code in source)?

With regard to the Log4j JNDI remote code execution vulnerability that has been identified as CVE-2021-44228 (also see references), I wondered if Log4j-v1.2 is also impacted, but the closest I got from source code review is the JMS-Appender. The…
Ravindra HV
  • 2,558
  • 1
  • 17
  • 26
49
votes
2 answers

Explanation of a pointer in exploit code

In some exploits for getting the root shell, I often see such a pointer: int i; unsigned *p = *(unsigned**)(((unsigned long)&i) & ~8191); Can anyone explain this pointer a little bit? I think 8191 is the size of the kernel stack. p points to the…
HuangJie
  • 1,488
  • 1
  • 16
  • 33
41
votes
7 answers

Writing Secure C and Secure C Idioms

"The average man does not want to be free. He simply wants to be safe." - H. L. Mencken I am attempting to write very secure C. Below I list some of the techniques I use and ask whether they are as secure as I think they are. Please don't hesitate to…
Ethan Heilman
  • 16,347
  • 11
  • 61
  • 88
39
votes
6 answers

How to decode a PDF stream?

I want to analyze a stream object in a PDF file which is encoded using /FlateDecode. Are there any tools which allow one to decode such encodings (ASCII85Decode, LZWDecode, RunLengthDecode etc.) used in PDFs? The stream content is most likely a PE…
rebel87
  • 533
  • 1
  • 4
  • 9
34
votes
2 answers

What is vulnerable about this C code?

#include #include #include #include #include int main(int argc, char **argv, char **envp) { gid_t gid; uid_t uid; gid = getegid(); uid = geteuid(); setresgid(gid, gid,…
quantumdisaster
  • 567
  • 2
  • 6
  • 12
26
votes
8 answers

Hacking and exploiting - How do you deal with any security holes you find?

Today online security is a very important factor. Many businesses are completely based online, and there is tons of sensitive data available to check out only by using your web browser. Seeking knowledge to secure my own applications I've found…
Chris Dale
  • 2,222
  • 2
  • 26
  • 39
23
votes
5 answers

How is integer overflow exploitable?

Does anyone have a detailed explanation on how integers can be exploited? I have been reading a lot about the concept, and I understand what it is, and I understand buffer overflows, but I don't understand how one could modify memory reliably, or…
wuntee
  • 12,170
  • 26
  • 77
  • 106
23
votes
1 answer

Why does this Python code destroy my computer?

It claims to be an MS12-020 exploit, and I tested this on my machine. Apparently, it seems to destroy the operating system that runs it. Looking at just some parts of this code does not indicate any malicious code, so I am asking for your help. What is it…
user1594245
  • 241
  • 2
  • 7
22
votes
3 answers

Use a heap overflow to write arbitrary data

I've been trying to learn the basics of a heap overflow attack. I'm mostly interested in using a corruption or modification of the chunk metadata for the basis of the attack, but I'm also open to other suggestions. I know that my goal of the exploit…
amccormack
  • 13,207
  • 10
  • 38
  • 61
22
votes
4 answers

What are some advanced and modern resources on exploit writing?

I've read and finished both Reversing: Secrets of Reverse Engineering and Hacking: The Art of Exploitation. They both were illuminating in their own way but I still feel like a lot of the techniques and information presented within them is outdated…
mmcdole
  • 91,488
  • 60
  • 186
  • 222
21
votes
4 answers

Perl CGI hacked? But I'm doing everything right

I just noticed some strange PHP files in one of my web directories. They turned out to be spammer-placed exploit files. They've been there since 2006, around the time that I was running a high-profile donation campaign using a CGI script of mine.…
Jason Rohrer
  • 503
  • 4
  • 14
19
votes
5 answers

How are buffer overflows used to exploit computers?

How are buffer overflows used to exploit computers? How is one able to execute arbitrary code simply by causing stack or heap overflows? I understand that portions of the program's memory are overwritten that aren't supposed to be, but I don't see…
anon