Let's load the binary in gdb and `set follow-fork-mode child` so that gdb automatically attaches to the child process on fork, since the buffer overflow is in the handle request function, which is executed in the child process. If you want to follow the parent instead, you can set it to `parent`.

You can also attach to the child process from gdb if it's already running, with `attach` or `at` followed by the pid of the process (you may require higher privileges to attach to the process, or check `ptrace_scope`).

Set a breakpoint where the stack canary is checked (at the `xor` instruction), and run the program.
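The `ptrace_scope` caveat above decides which of the two routes (starting the program under gdb and following the fork, or attaching to a running child) works without extra privileges. The script below is an added example, not part of the original post; the function names are hypothetical, and it assumes debugger and target run as the same user and treats euid 0 as holding CAP_SYS_PTRACE.

```shell
# Added example: predict whether gdb may trace a process under the
# Yama kernel.yama.ptrace_scope setting.
# Assumptions: same user for tracer and target, target is dumpable,
# euid 0 stands in for CAP_SYS_PTRACE.

# ptrace_verdict SCOPE IS_ROOT MODE
#   SCOPE   : value of kernel.yama.ptrace_scope (0-3)
#   IS_ROOT : 1 if the debugger runs with euid 0, else 0
#   MODE    : "launch" (program started under gdb, fork followed with
#             follow-fork-mode) or "attach" (gdb attaches to a running pid)
ptrace_verdict() {
    local scope=$1 is_root=$2 mode=$3
    case "$mode" in launch|attach) ;; *) echo "error: unknown mode"; return 2 ;; esac
    case "$scope" in
        0) echo "allowed" ;;   # classic same-uid rules only
        1) # restricted: tracer may only trace its own descendants (or a
           # process that opted in with PR_SET_PTRACER), unless privileged
           if [ "$mode" = launch ] || [ "$is_root" = 1 ]; then echo "allowed"
           else echo "denied: run gdb as root or start the program under gdb"; fi ;;
        2) # admin-only: every use of ptrace needs CAP_SYS_PTRACE
           if [ "$is_root" = 1 ]; then echo "allowed"
           else echo "denied: run gdb as root"; fi ;;
        3) echo "denied: ptrace disabled until reboot" ;;
        *) echo "error: unknown ptrace_scope value"; return 2 ;;
    esac
}

# current_scope: print the live setting, or 0 when Yama is not present
# (without Yama only the classic checks apply).
current_scope() {
    local f=/proc/sys/kernel/yama/ptrace_scope
    if [ -r "$f" ]; then cat "$f"; else echo 0; fi
}

# Report for this machine and user, for both ways of reaching the child.
is_root=0; [ "$(id -u)" -eq 0 ] && is_root=1
for mode in launch attach; do
    printf '%-6s -> %s\n' "$mode" \
        "$(ptrace_verdict "$(current_scope)" "$is_root" "$mode")"
done
```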