Stack Overflow on https://n9o.xyz/tags/stack-overflow/ Recent content in Stack Overflow on Hugo -- gohugo.io en © 2026 Vaishnav Baraskar Sun, 20 Apr 2025 00:00:00 +0000 Overflow in Silence: Stack Smash in MedBoard Log Viewer (x64) https://n9o.xyz/reverseengineering/medboard/ Sun, 20 Apr 2025 00:00:00 +0000 https://n9o.xyz/reverseengineering/medboard/ <h1 class="relative group"><strong>Prologue — The Calm Before the Buffer Break</strong> <div id="prologue--the-calm-before-the-buffer-break" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#prologue--the-calm-before-the-buffer-break" aria-label="Anchor">#</a> </span> </h1> <p>I wasn&rsquo;t looking for trouble. Just bouncing between binaries on a slow weekend, half-interested in what outdated software still lingers in hospital networks. That’s when I stumbled on <strong>MedBoard Log Viewer</strong> — a quiet little utility meant to process and display logs in a fancy UI. But it was the backend log-loading routine that caught my eye. And once I spotted <code>strcpy</code>, I leaned forward.</p> Copy, Paste, Exploit: Buffer Overflow in EduGrade Import Engine https://n9o.xyz/reverseengineering/edugrade/ Wed, 18 Sep 2024 00:00:00 +0000 https://n9o.xyz/reverseengineering/edugrade/ <h2 class="relative group">4. Buffer Overflow in EduGrade Import Engine (x64) <div id="4-buffer-overflow-in-edugrade-import-engine-x64" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#4-buffer-overflow-in-edugrade-import-engine-x64" aria-label="Anchor">#</a> </span> </h2> <p><strong>Platform:</strong> Windows 10 x64<br> <strong>Target:</strong> EduGrade Desktop (Import Engine Parser)<br> <strong>Discovered:</strong> August 2024<br> <strong>Status:</strong> Local Privilege Escalation (unpatched)<br> <strong>CVSS (Est.):</strong> 7.6 – Local overflow leads to code execution</p> Escape Protocols: Get Out Series Reversals – BSidesSF 2023 https://n9o.xyz/capturetheflag/getoutseries/ Sat, 04 Mar 2023 00:00:00 +0000 https://n9o.xyz/capturetheflag/getoutseries/ <h1 class="relative group"><strong>Prologue — Three Layers Deep</strong> <div id="prologue--three-layers-deep" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#prologue--three-layers-deep" aria-label="Anchor">#</a> </span> </h1> <p>When I first saw the <code>Get Out</code> series in BSidesSF 2023, I thought it was going to be a quick play. A warmup, a logic check, and maybe some light patching. I didn’t realize I was about to sink hours into crafting an RPC client from scratch, abusing a fresh CVE, and building an exploit chain with an old-school stack overflow.</p>