CodeJitsu targetted Disekt running NRFIN_00052 in round 78.

Type 1 POV

eip:0xa3eb5875 - edx:0x86e374d1

Execution control corruption via call.

Tracing data from eip: 0x804904f tracing source of register: ecx (value: 0xa3eb5875)

0x804a86d : receive syscall (return)
0x804938e : mov dl,byte ptr [eax+ecx]
0x8049397 : mov byte ptr [eax+ecx],dl
0x8048fd0 : mov ecx,dword ptr [0x804cf58]
0x8048fee : mov dword ptr [0x804bea4],ecx
0x8049043 : mov ecx,dword ptr [0x804bea4]
0x804904f: call ecx // address: ecx value: 0xa3eb5875

Negotiated general register: edx:0x86e374d1

Tracing data from eip: 0x804904f tracing source of register: edx (value: 0x86e374d1)

0x804a86d : receive syscall (return)
0x804938e : mov dl,byte ptr [eax+ecx]
0x8049397 : mov byte ptr [eax+ecx],dl
0x8048fd6 : mov edx,dword ptr [0x804cf00]
0x8048fe8 : mov dword ptr [0x804bea0],edx
0x804903d : mov edx,dword ptr [0x804bea0]
0x804904f: call ecx // address: edx value: 0x86e374d1

Curated by Lunge Technology, LLC. Questions or comments? Send us email