I’ve decided to work on my binary exploitation skills lately so I went after some pwn challenges. Syscalls from this year’s UIUCTF was one of them. I learned a ton from it and figured it might be worth sharing. ...
As part of a security research, my collegue parzel and I examined the commercial and open source spam filter appliance MailCleaner. It turned out that the software was not fully aware of the flexibility offered by email address specifications, and as a result, we found an RCE that could be triggered by sending a malicious email. ...