Cyber Security Academy · Lesson

Format String Vulnerabilities

Exploit printf format strings to read arbitrary memory and write to arbitrary addresses.

What is a Format String Vulnerability?

A format string vulnerability occurs when user input is passed directly as the format string argument to printf() or a similar function. The function then interprets any conversion specifiers in that input, so the attacker can read memory, leak stack addresses, and write arbitrary values.

The Vulnerable Pattern

Vulnerable vs safe:

// VULNERABLE - user controls the format string:
printf(user_input);
fprintf(stderr, user_input);

// SAFE - user input is a data argument:
printf("%s", user_input);
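
The safe pattern above, worked through as an added example (not part of the original lesson): untrusted text reaches the formatter only as the data argument of "%s", so its specifiers come out verbatim. The names log_fmt, render_untrusted and count_directives are hypothetical, and the sample input is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical wrapper. The format attribute (GCC/Clang) makes the compiler
   check callers like printf; -Wformat-security then flags a call whose
   format is not a string literal and has no arguments. */
__attribute__((format(printf, 3, 4)))
int log_fmt(char *out, size_t cap, const char *fmt, ...) {
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, cap, fmt, ap);
    va_end(ap);
    return n;
}

/* Safe path: untrusted text is only ever the data argument of "%s".
   Returns the full length, which is >= cap when output was truncated. */
int render_untrusted(char *out, size_t cap, const char *user_input) {
    return log_fmt(out, cap, "%s", user_input);
}

/* Hypothetical audit helper: count conversion directives in a string
   ("%%" is a literal percent and is not counted). */
int count_directives(const char *s) {
    int n = 0;
    while (*s) {
        if (s[0] == '%' && s[1] == '%') { s += 2; continue; }
        if (s[0] == '%') n++;
        s++;
    }
    return n;
}

int main(void) {
    const char *input = "%x.%x.%n";   /* constructed sample input */
    char buf[64];
    int n = render_untrusted(buf, sizeof buf, input);
    printf("rendered %d bytes: %s\n", n, buf);
    printf("directives found: %d\n", count_directives(input));
    return 0;
}
```

Building with -Wall -Wformat-security makes the compiler report any caller that passes a non-literal string as the fmt argument of log_fmt with no further arguments.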

All lessons in this course

  1. Stack Buffer Overflows
  2. Return-Oriented Programming (ROP)
  3. Format String Vulnerabilities
  4. Heap Exploitation: Use-After-Free and Heap Spraying