Format String printf Vulnerabilities (PicoCTF 2022 #46 'flag-leak')

Comments

I look forward to these videos every day and I'm not even signed up for the CTF. Hearing how you think through these challenges is priceless.

rey

Cool challenge and a great video. Keep them coming sir.

LDowning

Cool! I didn't realize printf could be dangerous every time I used it. Thank you for teaching something new.

fart_mnster_

Cool, didn't know a simple printf can be weaponized

verolyn

That was a pretty cool one. Never thought of printf as being an exploit to walk through the stack like that, being able to see and -even better- write to env variables… seems like it could be useful in a future challenge.

tekneinINC

I laughed hard when I saw that "vuln" vomited garbage data and other variables. I know it could be dangerous in a production environment, but that was fun! :'D

dtvdavid

Thank you as always for your incredible video.

abdelHsn

That was cool! This world needs more hackers like you John:)

arbibab

Format string vulns are my favourite, pity they're pretty rare IRL - still, I did find one exploitable in the wild once ))

mcw

Hey John I found a CVE in an email provider, tried to inform them about it so that I could help them fix it for some cash but they didn't care and they still haven't fixed it months later 😬 what would you do in this scenario 🤔

d

Could the missing "pico" and "john" be an alignment thing? Both are 4 bytes long... 🤔

Colaholiker

Just imagine if the memory was filled with sensitive information!! All of it will be leaked!!?

almatsumalmaadi

So how do you capture the whole flag, including 'pico'?

MrHuyche

Hello... would it be possible to put subtitles in Portuguese?? Because we follow here in Brazil!! 🇧🇷

passaronegro

I'm wondering if %23$s.%24$s works well🙄

aminela

There’s a literal man page function in the terminal, c'mon man

LinuxJedi