EXPLOITING BUFFER OVERFLOWS ON MIPS ARCHITECTURES

Posted on Posted in Hacker News, Paper

INTRODUCTION

In this paper I will walk the reader through the process of writing a code execution exploit that runs on a MIPS device. The exploit described in this paper targets an actual vulnerability in the ZHONE router gateway I published in October 2015. More information about the vulnerability can be found here:

http://www.securityfocus.com/archive/1/536666

Triggering the stack overflow is rather easy with a simple one-liner that sends an overlong string to the router’s Web Administrative Console.

GET /<7000 A’s>.cgi HTTP/1.1
<Other HTTP Headers>

Paper

Quelle: Exploit-db

 

 

 

Facebooktwittergoogle_plus