today I wanna point out this nice Exploit on PHP 6.0 Dev. str_transliterate() Buffer Overflow, implemented by Pr0T3cT10n. Why I say that it's a nice exploit ? Well, in my opinion this is a great easy example of Buffer Overflow.. optimal to learn and amazing to show that even new applications own old bugs due to poor security development.
Right now I'm thinking to CeSeNA folks (cesena.ing2.unibo.it), many of them burn to know how to inject a shell code through Buffer Overflow. For all of you interested on the "art of exploitation", I totally suggest to start from this self-commenting example. (Click to Enlarge)
There are no comments regarding shellcodes since I've discussed a lot in the past. I will probably use this exploit during my future talks on Buffer Overflow. Hope you enjoy this didactic exploit.
Original Vulnerable app (Download here)
Yes, of course: \u4141 is two 'A' , and \u9090 is two NOPs. Basically 20 x (2)NOP = 40 and 256 x (2)A = 512. Thanks to TheLeader for pointing it out .