About  Project Blog Resources

Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

F5 Big IP - ASM stack-based buffer overflow in is_hdr_criteria_matches- 409

fwilhelmPosted 5 Years Ago
  • F5 Big IP allows for network traffic control and several other features. Naturally, this requires a bunch of data processing in order to do properly.
  • When processing response headers, there is a function that attempts to match if this is something that can be returned. While doing this processing, there is an integer underflow in a size validation. Because of this underflow, the validation does not work, this turns into a buffer overflow.
  • The F5 Big IP does not have any standard mitigations, such as ASLR or NX. Because of this, once the overflow occurs, shellcode can be embedded into the process to pop an easy shell.
  • The bug is complicated to trigger, as an attacker would not have direct access to the size of the response. So, this would take further steps in order to exploit.

Maxwell DulinEmail me!TwitterGithubAdminBlog RSS FeedResources RSS Feed