CloudMe 1.11.2 Buffer OverFlow – Exploit Development.
This is Febin,
Twitter : febinrev
In this Post , I am gonna demonstrate windows Stack buffer overflow and exploit development in CloudMe 1.11.2 .
CloudMe is a cloud storage service. This buffer overflow vulnerability was patched and the exploit is released publicly in 2018 (CVE-2018–6892).
This is a Local Privilege Escalation Vulnerability
This demo will help guys who are preparing for OSCP or equivalent Certifications and also help guys (like me!) who wanna learn advanced hacking and exploit development. There are some executables/apps like “vulnserver” that are intentionally built to be vulnerable for educational purposes, but this is a real life application. So, basically we are developing a real exploit and attacking a real app.