Vortex Level 4

To exec or not to exec

This is the common format string bug, exploit it with care though as a check is made with argc. What is the layout of a process's memory? How are programs executed?

Reading Material

Format String Technique
Exploiting Format String Vulnerabilities
Bypassing StackGuard and StackShield

Source code

// -- andrewg, original author was zen-parse :)
#include <stdlib.h>
#include <stdio.h>

int main(int argc, char **argv) {
        if(argc)
                exit(0);
        printf(argv[3]);
        exit(EXIT_FAILURE);
}

Previous Next