I am here again, a little more active than the previous weeks. Now, I have a challenge for YOU. I've been very interesting for some time in Binary Analysis, as you may know this is not an easy task, and in order to complete such you must be able to understand C/ASM code mainly.
So, what's the challenge? The objective is not to trigger the vulnerability, in other words don't think that the target is to control EIP -which actually you can do it- but not for this case, instead, you should be able to describe the root cause of the vulnerability, how did you find it and the steps you found it using the tools of your election, say through a Debugger, IDA or whatever.
The target file is a simple executable that you can download from here:
To have a most closer look about what I am expecting as a solving tutorial is something like this:
I truly believe that these practices are very good to reinforce or learn new things related to binary analysis.
For those that join the challenge can send the solution to my mail. BTW, the submitted solutions will be published here.