Vulnerability analysis and exploitation of a simple small program

2014-10-05T00:00:00
ID MYHACK58:62201454294
Type myhack58
Reporter Anonymous
Modified 2014-10-05T00:00:00

Description

Body

Description: readfile.exe is the vulnerable program. It reads the file c:\overflow.txt and displays the file's contents in a pop-up dialog.

Analysis process:

First step:

Enter 1 2 3 4 in overflow.txt and open it with readfile.exe: the program runs normally. Enter 1 1 1 1 2 2 2 2 3 3 3 3 4 4 4 4 5 5 5 5 6 6 6 6 7 7 7 7 8 8 8 8 in the file and open it with readfile.exe: the result is as follows:

[Screenshot 1]

The program crashes. Analysis shows that when the file content is too long, it overwrites the return address of a function on the stack, so the function cannot return normally and the program fails.
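The bug class described above, as an added example that is not the source of readfile.exe (which the page does not show): an assumed vulnerable read into a fixed stack buffer beside a bounded version that truncates and reports it. The function names, the 16-byte `MSG_MAX` and the sample file name are hypothetical, and the sample input is constructed.

```c
#include <stdio.h>
#include <string.h>

#define MSG_MAX 16 /* assumed size; the page does not give the real buffer size */

/* Assumed vulnerable pattern, for comparison only (never called here):
   the copy length comes from the file, not from the buffer. */
long show_file_unsafe(const char *path) {
    char buf[MSG_MAX];
    FILE *f = fopen(path, "rb");
    if (!f) return -1;
    fseek(f, 0, SEEK_END);
    long n = ftell(f);
    rewind(f);
    /* n > MSG_MAX writes past buf, over the saved return address */
    size_t got = fread(buf, 1, (size_t)n, f);
    fclose(f);
    return (long)got;
}

/* Bounded version: reads at most cap-1 bytes and always terminates the string.
   Returns 0 if the whole file fit, 1 if it was truncated, -1 on error. */
int show_file_bounded(const char *path, char *out, size_t cap) {
    if (cap == 0) return -1;
    FILE *f = fopen(path, "rb");
    if (!f) return -1;
    size_t n = fread(out, 1, cap - 1, f);
    out[n] = '\0';
    int truncated = (fgetc(f) != EOF); /* more data left means the file was too long */
    fclose(f);
    return truncated;
}

/* Helper that creates a constructed sample input file. */
int write_sample(const char *path, const char *text) {
    FILE *f = fopen(path, "wb");
    if (!f) return -1;
    fputs(text, f);
    return fclose(f);
}

int main(void) {
    char out[MSG_MAX];
    /* constructed 32-byte input, modelled on the long test string in step one */
    write_sample("overflow_sample.txt", "11112222333344445555666677778888");
    int r = show_file_bounded("overflow_sample.txt", out, sizeof out);
    printf("truncated=%d shown=\"%s\"\n", r, out);
    remove("overflow_sample.txt");
    return 0;
}
```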

Second step:

Load readfile.exe in OD for tracing, locate the MessageBoxA call, and set a breakpoint there, as follows:

[Screenshot 2]

Press F9 to run the program; it stops at the breakpoint. Press F9 again to continue.

[Screenshot 3]

Click OK and the program continues executing, then stops at the breakpoint at 77D50830. Single-step with F7 until execution returns to the calling function:

[Screenshot 4]
