CodeJitsu targetted DeepRed running NRFIN_00052 in round 91.

Type 1 POV

eip:0x4080ca8c - esi:0xc6062a80

Execution control corruption via return (return to: 0xbaaaaa04).

Tracing data from eip: 0x804aa8d tracing source of memory: 0xbaaaaa04 (value: 0x4080ca8c)

0x804a9de : receive syscall (return)
0x804aa74 : mov ecx,dword ptr [edx]
0x804aa8a : mov dword ptr [esp],ecx
0x804aa8d: ret // address: 0xbaaaaa04 value: 0x4080ca8c

Negotiated general register: esi:0xc6062a80

Tracing data from eip: 0x804aa8d tracing source of register: esi (value: 0xc6062a80)

0x804a9de : receive syscall (return)
0x804aa7f : mov esi,dword ptr [edx+0x10]
0x804aa8d: ret // address: esi value: 0xc6062a80

Curated by Lunge Technology, LLC. Questions or comments? Send us email