ASU CSE 466

Module: Format Strings

TODO

Slides

The slides for this module are:

Practice

Again, you will practice on a set of generated challenges. There is a /flag file, and you get to choose one binary on which the SUID flag will be set. The binaries that you are allowed to choose are all under the /pwn directory.

Each program takes user input and will eventually printf() it. You can subvert the program functionality by injecting a malicious format string. If you are successful, you can use it to read the /flag file.

Resources

Useful resources:

TODO