wannabe finder of vulnerabilties Hi, I am Swapnil aka iamalsaher on most platforms. These posts are gonna describe my journey with Cybersecurity and wherever it takes me. I basically focus on Reverse-Engineering, Vulnerability Analysis and Exploitation. I love writing tools and softwares to automate as much as I can. Feel free to reach out to me.
Twitter Linkedin GitHub Email Resume
This post is a complete walkthrough for the process of writing an exploit for CVE 2019-18634. I will talk about the methodologies used and why is it such a good bug to begin your real world exploitation skills. This bug allows for Local Privilege Escalation because of a BSS based overflow, which allows for the overwrite of user_details struct with uid 0, essentially escalating your privilege. This bug can be triggered even by users not listed in the sudoers file There is no impact unless pwfeedback has been enabled.