Tag: buffer overflow

CVE-2006-3747: Remote Code Execution in Apache

CVE-2006-3747 PoC and exploit for the Apache 1.3/2.0/2.2 mod_rewrite off-by-one. SecurityFocus: https://www.securityfocus.com/archive/1/443870

More info about the vulnerability on my GitHub: https://github.com/defensahacker/CVE-2006-3747

The original exploit code was:

As I didn't use Metasploit back in 2006, I had to rewrite my own shellcode in assembler to avoid badchars like the slash ("/"). The payload was generated from this…
Exploiting the stack: Off-by-one technique

In this post I will explain how the stack is structured in Linux and how to successfully exploit a buffer overflow in which only 1 byte is overflowed (the off-by-one technique).