Questions tagged [exploit]
An exploit is a piece of software, a chunk of data, or sequence of commands that takes advantage of a bug, glitch, or vulnerability in order to cause unintended or unanticipated behavior to occur. This frequently includes such things as gaining control of a computer system, allowing privilege escalation, or a denial of service attack.
exploit
802
questions
-2
votes
0
answers
13
views
How to get the Wi-Fi admin password? [closed]
I bought a ZTE MF79U modem a long time ago. Now I need it and there is a need to dig around in the admin panel (which is hosted as an HTML document on 192.168.?.1). And here's the annoying thing, I ...
-1
votes
0
answers
17
views
What Other Decimal Smart Contracts Vuln In Web3 Wallets Are Out There?
What if you put a different decimal like 1, 2, 80000, 16000 or higher decimal.... how will smart contract tokens react in the Web3 Wallet after importation?
Are they any Smart Contracts Web3 wallet ...
-1
votes
0
answers
18
views
Can WebKit vulnerabilities be exploited by just processing a malicious link?
I'm trying to understand the mechanics of WebKit vulnerabilities, such as CVE-2023-42916, which involve processing malicious web content. Specifically, I want to know if these vulnerabilities can be ...
-4
votes
0
answers
108
views
Why does the first code cause a segmentaiton fault while the later one doesn't?
I'm self-studying csapp, and currently stuck at level-3 of Attack Lab. This lab requires you to
inject some code by a 40-byte input string. The basic idea is that you input a 48-byte string,
with the ...
1
vote
0
answers
72
views
Format string vulnerability not showing values on the stack
PROBLEM
I am trying to put together a short demonstration of a simple hack for a presentation about cyber-security. I thought about using a format string vulnerability, and heavily inspired by this ...
0
votes
1
answer
43
views
Shellcode stub got exited right after executed in Buffer Overflow Exploitation
I am currently playing around with some exploitation techniques in 64-bit Intel executable. My program was compiled with canary protection disabled (-fno-stack-protector), buffer overflow error ...
2
votes
1
answer
88
views
After modifying msr[lstar], why the expected breakpoint cannot be hit?
I discovered a driver vulnerability that allows arbitrary modification of the msr register.
A common attack scenario is to modify msr[lstar] to point it to the attacker's malicious code. Then, when ...
0
votes
0
answers
60
views
Unable to update searchsploit due to git bug
Whenever I do searchsploit -u I get this error:
[i] Git pull'ing
POST git-upload-pack (317 bytes)
fatal: couldn't find remote ref master
[-] Git conflict
fatal: empty string is not a valid pathspec. ...
-1
votes
2
answers
49
views
Why does an empty method works like a sink in JavaScript?
I define object a with an empty method b(). The method has no parameter and does nothing!
Please someone tell me, why when I call a.b() and pass JS code as a parameter, does it execute the code?
...
1
vote
1
answer
89
views
Exploiting this code in order to change grade into an A+
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <string.h>
/*
I obtained access to the professor's grade management program.
Can I change my grade to an '...
0
votes
1
answer
42
views
Buffer does it stay or get popped of the stack?
Just a quick question, lets say we have this following C code:
int hello(){
char arr[16];
scanf("%s",arr);
printf("%s",arr);
return 0;
}
I have a doubt that when the arr ...
0
votes
0
answers
18
views
Possibilities of Bypassing the Constructed attributes for input sanitization
Hello All I have implemented the following pattern for sanitizing the XSS input. Can you help me if there is any possibility or any payload that can be constructed in bypassing the below patterns
str =...
0
votes
0
answers
60
views
Insecure Deserialization in C# (.NET) using NewtonsoftJson
I am working on a Web API that needs to call a 3rd party Web API to achieve some features. That 3rd party's API's design is sort of a "God API" such that it takes a generic object type to ...
1
vote
0
answers
59
views
Format string exploitation, how to write memory?
I have the following simple program:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
int main(int argc, char ** argv) {
if(argc < 2) {
printf("Missing ...
0
votes
0
answers
80
views
Predicting V8's Math.random() truncated outputs
I'm doing a research & working around Math.random() like a month ago.
Math.random() uses XORSHIFT128+, so, if we can get the state of the PRNG, it'll be easy to predict future outputs.
It is ...