GOT Overwrite
The Global Offset Table (GOT) stores the actual addresses of functions in imported libraries (such as libc). Overwriting one of these addresses can allow the attacker to gain control over the program or to execute arbitrary code.
How it works?
The attacker overwrites a targeted GOT entry, for example using a buffer overflow or a format string exploit, with the address of an arbitrary function such as system. When the initial function is called, the program jumps to the arbitrary function instead of the intended one.
Code example
Using a format string, it's possible to overwrite any GOT entry: