Comments (5)
firmianay
commented on July 17, 2024
1
Well, there are other security issues. There is no limit to the length of program parameters, which may cause overflow.
src/client/client.c
void main(int argc, char* argv[]){
...
int opt;
char dest_address[32];
char path_arg[512];
while ((opt = getopt(argc, argv, ":S:c:e:u:a:p:s:h")) != -1) {
switch (opt) {
case 'S':
...
strcpy(dest_address, optarg);from triplecross.
0xjet
commented on July 17, 2024
You're right. There is surely more instances like this one. Tagging this as a security bug to be fixed at some point. Thanks!
from triplecross.
Ifex370
commented on July 17, 2024
Is this the reason I get
Illegal instruction (core dumped) - when I run ./simple_timer. and a
segmentation fault (core dumped) - when I run ./simple_open?
I have not been able to carry out a PoC due to the above errors.
from triplecross.
h3xduck
commented on July 17, 2024
@Ifex370 I am moving your issue to a different thread (#44) since it is not related to this security-related issue
from triplecross.
firmianay
commented on July 17, 2024
https://nvd.nist.gov/vuln/detail/CVE-2022-35505
https://nvd.nist.gov/vuln/detail/CVE-2022-35506
Discoverer: Chao Yang@Li Auto
from triplecross.
Related Issues (20)
- Final C2 version
- Update C2 V1 to work with complete protocol (shown in image sent by email)
- Update library for new hidden protocol with packet splitting
- TFG documentation writing
- Scanning and writing module at processes memory
- Use openssl to create secure channel connections
- Enhancement: try to hide used space from df and other userspace tools
- make all error~ HOT 12
- TC program compilation __stack_chk_fail not supported HOT 4
- user/kit.c:395:40: error: ‘XDP_FLAGS_REPLACE’ undeclared (first use in this function) HOT 1
- Makefile 102row -lbpf? how do i install it HOT 3
- Library injection path error: Segfault simple_timer and simple_open HOT 5
- When run deploy.sh, i meet loadbpf: load bpf program failed: Permission denied.
- Cannot injector to victim with -c option HOT 5
- libssl.so.1.1: cannot open shared object file: No such file or directory
- make with libbpf 1.0.1: undefined reference to `bpf_get_link_xdp_id' HOT 1
- Permission Denied: classifier_egress not load HOT 10
- Verifier issue when running XDP module HOT 1
- error: unknown target triple 'bpf', please use -triple or -arch
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from triplecross.