Shellphish targetted ForAllSecure running NRFIN_00052 in round 91.


Type 1 POV

eip:0x291ca9d - edx:0xc6062a91


Execution control corruption via call.

Tracing data from eip: 0x8048fab tracing source of register: ecx (value: 0x291ca9d)

0x804a9de : receive syscall (return)
0x8049368 : mov dl,byte ptr [eax+ecx]
0x8049371 : mov byte ptr [eax+ecx],dl
0x8048f99 : mov ecx,dword ptr [0x8060e90]
0x8048fab: call ecx // address: ecx value: 0x291ca9d

Negotiated general register: edx:0xc6062a91

Tracing data from eip: 0x8048fab tracing source of register: edx (value: 0xc6062a91)

0x804a9de : receive syscall (return)
0x8049368 : mov dl,byte ptr [eax+ecx]
0x8049371 : mov byte ptr [eax+ecx],dl
0x8048f9f : mov edx,dword ptr [0x8060e38]
0x8048fab: call ecx // address: edx value: 0xc6062a91

Curated by Lunge Technology, LLC. Questions or comments? Send us email