https://blog.qualys.com/vulnerabilities-threat-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit - heap based bof in sudo
CVE-2017-12542 with HP iLO (Integrated Lights Out) Management devices. Just sending 29 characters in an HTTP Header parameter caused a buffer overflow which bypassed login.
sometimes - no need for an actual payload that you'll read more about later since the system "failed open" upon reaching an error.
usually seen on c or c++ as these are performance based and require the user to do the memory management which bring in security issues.
Java has garbage collection and does memory management
Exploit Dev intro
The Exploitation Phase goal is to use the information found and its analysis to exploit the potential ways to gain interaction and/or access to the target system.
Such exploit codes often serve as proof-of-concept (POC) in our reports.
2 types:
0-day (unknown codes)
N-day (known codes)
CPU Architecture
The architecture of the Von-Neumann was developed by the Hungarian mathematician John von Neumann, and it consists of four functional units:
Memory
Control Unit
Arithmetical Logical Unit
Input/Output Unit
Each CPU has an architecture on which it was built. The best-known CPU architectures are:
