Disekt targetted CSDS running CROMU_00064 in round 20.


Type 2 POV

Reading from protected address: 0x4347c001

0xbaaaac3c : mov edi,dword ptr [0x4347c001]

The application exited with a segmentation fault

0: 0 // esp: 0

Execution control corruption via return (return to: 0xbaaaac58).

Tracing data from eip: 0x80494a2 tracing source of memory: 0xbaaaac58 (value: 0xbaaaac31)

0x804ffce : receive syscall (return)
0x80494a2: ret // address: 0xbaaaac58 value: 0xbaaaac31

Execution of memory occurred that was not part of the initial text sections or an executably allocated page.

Tracing data from eip: 0xbaaaac31 tracing source of memory: 0xbaaaac31 (value: 0x3199c031)

0x804ffce : receive syscall (return)
0xbaaaac31: xor eax,eax // address: 0xbaaaac31 value: 0x3199c031

Curated by Lunge Technology, LLC. Questions or comments? Send us email