Plaid CTF 2015 writeup(prodmanager, clifford, ebp, unknown)

Categories CTF

1. prodmanager(180 points)

prodmanager is a product manage system. After a short investigation of the source code, I found that there is a UAF vulnerability of double linked list. Actually the program did not manage product list and lowerest price list properly, an item which is freed in the product list still presents in the lowerest price list. Continue reading “Plaid CTF 2015 writeup(prodmanager, clifford, ebp, unknown)”