A few months ago I decided to fuzz some software related to the DICOM file format. A quick local buffer overflow found in one of them - Sante PACS Server - is presented in the details below. Here we go...
This time we'll start here:
Similar to the previous '(night) fuzzing sessions', after I installed the app on my VM I started it to check how I could use it. One of the available functions was 'adding users':
So I decided to try it, like this:
Next:
To create a new User Name I used the create_pattern script from the Metasploit Framework:
Now - with WinDbg started with the -I param as a postmortem debugger - we should be somewhere here:
See you next time!