tags:stack_overflowmitigationmethodologylearning_resource original link: 4 exploits, 1 bug - Exploiting CVE-2024-20017 4 Different Ways newsletter link: exploits.club Weekly Newsletter 37 - Juicy Overflows, The Art Of Exploitation, Rust in Firmware, and More
Exploits Club Summary:
Getting around various mitigations and remembering exploit strategies can be quite the challenge. Thankfully, @hyprdude’s most recent post should help you out. The write-up walks through a stack overflow he found in the MediaTek MT7622/MT7915 SDK. It gets fun, though, because he wrote 4 different exploits, leveraging different strategies depending on the mitigations in place. Starting with no mitigations (ROP to system, baybee), the post works up to his working exploit for the Netgear WAX206 (NX, ASLR, PIE, full RELO). It’s a banger of a post, check it out.