Disekt targetted DeepRed running CROMU_00073 in round 29.

Type 2 POV

Reading from protected address: 0x4347c001

0xbaaa8cfb : mov edi,dword ptr [0x4347c001]

The application exited with a segmentation fault

0: 0 // esp: 0

Execution control corruption via return (return to: 0xbaaaaef8).

Tracing data from eip: 0x80482c6 tracing source of memory: 0xbaaaaef8 (value: 0x8050313)

0x805027d : receive syscall (return)
0x80483b7 : mov dl,byte ptr [ecx+eax]
0x80483c7 : mov byte ptr [ecx+eax],dl
0x80482c6: ret // address: 0xbaaaaef8 value: 0x8050313

Execution of memory occurred that was not part of the initial text sections or an executably allocated page.

Tracing data from eip: 0xbaaaaeba tracing source of memory: 0xbaaaaeba (value: 0x9958036a)

0x805027d : receive syscall (return)
0x80483a3 : mov dl,byte ptr [ecx+eax]
0x80483ad : mov byte ptr [ecx+eax],dl
0xbaaaaeba: push 3 // address: 0xbaaaaeba value: 0x9958036a

Curated by Lunge Technology, LLC. Questions or comments? Send us email