4:45am PST - February 16th, 2023
Now, consider the following scenario: there's Full RELRO, PIE and ASLR and you find a format string vulnerability. No NULL-bytes allowed: Overwrite __do_global_dtors_aux_fini_array_entry() with a one-gadget in two parts: %58$p (leaked dtor) plus %12$p (your buffer) and get shell! https://t.co/ymy9UTcklh
0 retweets 0 likes - Socialk@s (@Disbauxes)
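
From the detection side, an added example (not part of the original post or its author's code): a Python filter that flags input fields carrying positional printf directives such as the `%58$p` and `%12$p` quoted above, as well as `%n` writes and runs of plain leak conversions. The field names, sample values and the `max_plain_leaks` threshold are constructed assumptions.

```python
import re

# One printf conversion: %[argnum$][flags][width][.precision][length]conv
# The space flag is left out on purpose so that ordinary text such as
# "100% natural" is not read as a %n conversion.
CONVERSION = re.compile(
    r"%(?:(?P<pos>\d+)\$)?"            # positional argument, e.g. 58$
    r"[-+#0']*"                        # flags
    r"(?:\*(?:\d+\$)?|\d+)?"           # width
    r"(?:\.(?:\*(?:\d+\$)?|\d*))?"     # precision
    r"(?:hh|h|ll|l|j|z|t|L)?"          # length modifier
    r"(?P<conv>[diouxXeEfFgGaAcspn%])"
)

def inspect(value, max_plain_leaks=3):
    """Return the sorted reasons a value looks like a format-string probe."""
    reasons, leaks = set(), 0
    for m in CONVERSION.finditer(value):
        conv = m.group("conv")
        if conv == "%":                # literal "%%", harmless
            continue
        if m.group("pos"):             # direct parameter access
            reasons.add("positional-arg")
        if conv == "n":                # memory write primitive
            reasons.add("write-%n")
        elif conv in "pxX":            # stack/pointer disclosure
            leaks += 1
    if leaks >= max_plain_leaks:       # threshold is an assumption
        reasons.add("repeated-leak")
    return sorted(reasons)

def scan(records):
    """Map field name -> reasons, for every field that was flagged."""
    flagged = {}
    for name, value in records.items():
        reasons = inspect(value)
        if reasons:
            flagged[name] = reasons
    return flagged

# Constructed sample input (hypothetical field names).
SAMPLE = {
    "username": "%58$p.%12$p",
    "comment": "disk 100% full, 5%% margin, 100% natural",
    "nickname": "%p %p %p %p",
    "motd": "AAAA%12$hhn",
}

if __name__ == "__main__":
    for field, why in scan(SAMPLE).items():
        print(field, why)
```

A hit means the value should never reach a `printf`-family call as the format argument; the fix in the vulnerable program remains passing it as data, e.g. `printf("%s", buf)`.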