
Buffer Overflow Golang Fuzzer (64bit)

Hi there,

Today I just want to share something about buffer overflows and a fuzzing tool for checking for buffer overflow vulnerabilities.

What is Buffer Overflow?

A buffer overflow occurs when a program or process attempts to write more data to a fixed length block of memory, or buffer, than the buffer is allocated to hold. Since buffers are created to contain a defined amount of data, the extra data can overwrite data values in memory addresses adjacent to the destination buffer unless the program includes sufficient bounds checking to flag or discard data when too much is sent to a memory buffer.
Source: http://searchsecurity.techtarget.com/definition/buffer-overflow

 

Golang Buffer Overflow Fuzzer

OK, let's begin. I have this vulnerable code:

And here is my fuzzer in Golang:

 

Now I run my fuzzer to find the RIP (instruction pointer) address:
Buffer overflow 64 bit fuzz example

Let's debug it using gdb:

 

Yes, the RIP has been overwritten with 0x0000424242424242 (BBBBB)
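The length sweep a fuzzer of this kind performs when testing your own binary for missing bounds checks can be sketched as follows. This is an added example, not the fuzzer from the original post: it assumes the target takes its input as the last command-line argument, and `standIn`, `probe`, `firstCrash` and the 72-byte threshold are constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"os/exec"
	"strings"
	"syscall"
)

// standIn is a constructed stand-in for a vulnerable target: a shell one-liner
// that kills itself with SIGSEGV when its argument exceeds 72 bytes.
var standIn = []string{"sh", "-c", `[ "${#1}" -gt 72 ] && kill -s SEGV $$; exit 0`, "target"}

// probe runs argv with n 'A' bytes appended as the final argument and returns
// the signal that terminated the process (0 if it exited on its own).
func probe(argv []string, n int) (syscall.Signal, error) {
	args := append(append([]string{}, argv[1:]...), strings.Repeat("A", n))
	cmd := exec.Command(argv[0], args...)
	err := cmd.Run()
	var exitErr *exec.ExitError
	if err != nil && !errors.As(err, &exitErr) {
		return 0, err // target could not be started
	}
	if ws, ok := cmd.ProcessState.Sys().(syscall.WaitStatus); ok && ws.Signaled() {
		return ws.Signal(), nil
	}
	return 0, nil
}

// firstCrash tries lengths from, from+step, ... up to to and returns the first
// length at which the target died from a signal (0 if none did).
func firstCrash(argv []string, from, to, step int) (int, syscall.Signal, error) {
	for n := from; n <= to; n += step {
		sig, err := probe(argv, n)
		if err != nil || sig != 0 {
			return n, sig, err
		}
	}
	return 0, 0, nil
}

func main() {
	coarse, _, err := firstCrash(standIn, 16, 256, 16) // cheap sweep first
	if err != nil || coarse == 0 {
		fmt.Println("no crash observed:", err)
		return
	}
	n, sig, _ := firstCrash(standIn, coarse-15, coarse, 1) // then narrow to the byte
	fmt.Printf("first crash at %d bytes, signal %v\n", n, sig)
}
```

The reported length tells you which input size the target's bounds check has to reject; replace `standIn` with the argv of the binary under test.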

That's all from me. I will try to extend this tool by accessing gdb directly from it to automate the exploitation.

Regards
