`LD_PRELOAD` based formatstring security checker

Author: Jonathan Krebs

License: CC0

I use this in CTFs to check if user input is used as printf/scanf format string. Checks if the format argument of the printf or scanf families is a writable memory mapping, and if so, prints the memory location and value.

usage:

LD_PRELOAD=$PWD/libformatcheck.so target_binary

# compile and test:
make
LD_PRELOAD=$PWD/libformatcheck.so ./demo thisstringwillbefound
# make demo will also call this

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
.gitignore		.gitignore
Makefile		Makefile
README.md		README.md
formatcheck.c		formatcheck.c
printf_demo.c		printf_demo.c

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

.gitignore

.gitignore

Makefile

Makefile

README.md

README.md

formatcheck.c

formatcheck.c

printf_demo.c

printf_demo.c

Repository files navigation

`LD_PRELOAD` based formatstring security checker

About

Releases

Packages

Languages

TheJonny/formatcheck

Folders and files

Latest commit

History

Repository files navigation

LD_PRELOAD based formatstring security checker

About

Resources

Stars

Watchers

Forks

Languages

`LD_PRELOAD` based formatstring security checker