CVE-2010-1205
Description: sample exploit of buffer overflow in libpng
Sample exploit using CVE-2010-1205 vulnerability in libpng (<=1.4.2)

gregbook - set of sample programs distributed with libpng sources

generate - generates a malicious png file which triggers a heap overflow when the file is read with libpng


steps to reproduce:
./build.sh                  # build all libraries and executables. gregbook/rpng2-x is linked against libpng-1.4.2 (buggy)
./generate/build/generate   # generates xploit.png - malformed png file
cd gregbook/
./rpng2-x ../xploit.png     # run the example which shows how to use libpng to display a png file. Ends with Segmentation fault.


steps to run with fixed libpng version (1.4.3):
in gregbook/Makefile edit line 33:
PNGDIR = ../libpng-1.4.3
in gregbook directory run:
make clean && make
./rpng2-x ../xploit.png     # opens window with the png file

