On this stream/vid, we'll take a look at some basic off-by-one vulnerabilities and how you can turn a one-byte overwrite into code execution. If you've exploited buffer overflow vulnerabilities, then you are probably used to seeing the registers holding values such as 0x41414141, indicating that your data has somehow ended up where it's not supposed to be. With off-by-one vulnerabilities it's a bit different: you are often only able to overwrite a single byte out of bounds. Interestingly, under the right conditions, this can be enough to result in code execution when combined with hooks such as those related to the functions free and malloc.
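To make the single-byte case concrete, here is an added example (not code from the stream) showing the classic `<=` bound check that lets a terminating NUL land one byte past a buffer, next to the corrected check. The `record` layout, the function names and the `0x7f` neighbour value are constructed for illustration; the neighbour byte is modelled inside the same array so the stray write stays well-defined.

```c
#include <stddef.h>
#include <string.h>

#define BUF_SIZE 16

/* Constructed layout: a 16-byte buffer followed directly by one byte of
 * unrelated state, kept in a single array so the stray write stays
 * inside one object and the demonstration is well-defined C. */
struct record {
    unsigned char mem[BUF_SIZE + 1]; /* mem[0..15] buffer, mem[16] neighbour */
};

/* Buggy copy: the check uses <=, so a 16-byte input is accepted and the
 * terminating NUL is written at index 16, one past the buffer. */
static int copy_buggy(struct record *r, const char *src) {
    size_t len = strlen(src);
    if (len <= BUF_SIZE) {              /* off by one: should be < */
        memcpy(r->mem, src, len);
        r->mem[len] = '\0';
        return 0;
    }
    return -1;
}

/* Hardened copy: reserves room for the terminator, rejects longer input. */
static int copy_fixed(struct record *r, const char *src) {
    size_t len = strlen(src);
    if (len >= BUF_SIZE)
        return -1;
    memcpy(r->mem, src, len);
    r->mem[len] = '\0';
    return 0;
}

/* Returns the neighbour byte after copying a string of exactly BUF_SIZE bytes. */
static unsigned char neighbour_after(int (*copy)(struct record *, const char *)) {
    struct record r;
    memset(r.mem, 0, sizeof r.mem);
    r.mem[BUF_SIZE] = 0x7f;             /* constructed neighbour value */
    copy(&r, "AAAAAAAAAAAAAAAA");       /* exactly 16 characters */
    return r.mem[BUF_SIZE];
}

int main(void) {
    /* Exit status 0 when the buggy copy clobbers the neighbour and the fixed one does not. */
    return (neighbour_after(copy_buggy) == 0x00 &&
            neighbour_after(copy_fixed) == 0x7f) ? 0 : 1;
}
```

In a real program the neighbour is whatever the compiler or allocator placed next to the buffer, which is why a lone NUL byte matters; building with AddressSanitizer (`-fsanitize=address`) flags this class of write when it crosses an object boundary.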