Computer memory, Control flow, C, Buffer overflow, Address space, Stack buffer overflow

Pwn2Own: A Tale of a Bug Found and Lost Again

On Jan 28, 2021
@CrowdStrike shared
This blog post describes our journey of identifying and exploiting a vulnerability on the Western Digital My Cloud Pro Series PR4100 NAS (already identified and fixed by WD). https://t.co/mxp3p8RquF via @HeinrichsH @___luks___ #cybersecurity https://t.co/2sNM1qw0us
Open

In this blog, we describe our journey of identifying and exploiting a stack-based buffer overflow vulnerability on the Western Digital My Cloud Pro Series PR4100 NAS.

www.crowdstrike.com
On Jan 28, 2021
@CrowdStrike shared
This blog post describes our journey of identifying and exploiting a vulnerability on the Western Digital My Cloud Pro Series PR4100 NAS (already identified and fixed by WD). https://t.co/mxp3p8RquF via @HeinrichsH @___luks___ #cybersecurity https://t.co/2sNM1qw0us
Open

Pwn2Own: A Tale of a Bug Found and Lost Again

Pwn2Own: A Tale of a Bug Found and Lost Again

In this blog, we describe our journey of identifying and exploiting a stack-based buffer overflow vulnerability on the Western Digital My Cloud Pro Series PR4100 NAS.

‘Insight’ into Home Automation Reveals Vulnerability in Simple IoT Product

‘Insight’ into Home Automation Reveals Vulnerability in Simple IoT Product

Eoin Carroll, Charles McFarland, Kevin McGrath, and Mark Bereza contributed to this report.  The Internet of Things promises to make our lives easier. Want to remotely turn lights and ...

Notes on Build Hardening

Notes on Build Hardening

I thought I'd comment on a paper about "build safety" in consumer products, describing how software is built to harden it against hackers t...

Practical case: Buffer Overflow 0x01

Practical case: Buffer Overflow 0x01

Open a terminal (or PuTTY on Windows) and use SSH to connect to the machine, where [ip] equals the IP of the virtual machine: ssh [email protected][ip] The password remains user, since you now connect ...