ForAllSecure targetted Disekt running CROMU_00097 in round 18.

Type 2 POV

Reading from protected address: 0x4347c295

0xbaaaaecd : push dword ptr [0x4347c295]

Execution control corruption via return (return to: 0xbaaaaee8).

Tracing data from eip: 0x804eb81 tracing source of memory: 0xbaaaaee8 (value: 0xbaaaaec6)

0x804eb7d : receive syscall (return)
0x804eb81: ret // address: 0xbaaaaee8 value: 0xbaaaaec6

Execution of memory occurred that was not part of the initial text sections or an executably allocated page.

Tracing data from eip: 0xbaaaaec6 tracing source of memory: 0xbaaaaec6 (value: 0xf389f631)

0x804eb7d : receive syscall (return)
0xbaaaaec6: xor esi,esi // address: 0xbaaaaec6 value: 0xf389f631

Curated by Lunge Technology, LLC. Questions or comments? Send us email