Windows Stack Buffer Overflow in a real life app — Exploit development — CloudMe_1.11.2 Buffer Overflow-CVE-2018–6892

CloudMe 1.11.2 Buffer OverFlow – Exploit Development.

Febin

Hi,

This is Febin,

Twitter : febinrev

In this Post , I am gonna demonstrate windows Stack buffer overflow and exploit development in CloudMe 1.11.2 .

CloudMe is a cloud storage service. This buffer overflow vulnerability was patched and the exploit is released publicly in 2018 (CVE-2018–6892).

This is a Local Privilege Escalation Vulnerability

This demo will help guys who are preparing for OSCP or equivalent Certifications and also help guys (like me!) who wanna learn advanced hacking and exploit development. There are some executables/apps like “vulnserver” that are intentionally built to be vulnerable for educational purposes, but this is a real life application. So, basically we are developing a real exploit and attacking a real app.

Lets Go!

How to find valid and impactful CSRFs

Hi , i am Febin , a security researcher. This is my first post in OBB blog, which is about the mighty CSRF attack. IMPACT OF CSRF: In a successful CSRF attack, the attacker causes the victim user to carry out an action unintentionally. For example, this might be to change the email address on…