Random Note #092345: Passing binary input via GDB

randomnote gdb exploitation reverse-engineering

When trying to exploit an application it’s useful to send the input via gdb to immediately check how the input is being processed. But once the gdb is open it’s sometimes not clear how to pass binary input to applications reading from stdin, e.g. using read. An easy way is to start the debugging session with gdb ./binary and using

run < <(printf "\xAA\xAA\xAA")

from the gdb session to send arbitrary bytes.

Analysis of Satisfyer Toys: Discovering an Authentication Bypass with r2 and Frida

radare2 r2 frida r2frida reverse-engineering web vulnerability

Command Injection in LaTeX Workshop

exploitation vulnerability

Haxxoring a Hisense Smart TV

exploitation reverse-engineering vulnerability