I love the brain dump on BOFs. I was at a company-sponsored class over the summer and wrote an exploit for Adobe Flash the same way you just did. I hadn’t done one of those in a while and forgot how much fun it really is. For the class we had access to IDA Pro as well as another tool similar to the old OllyDbg, x64dbg. And while those tools certainly do help, having a tool for fuzzing is essential. And yes, some machine code experience also helps. Again, thanks for the write-up.
- This reply was modified 1 year ago by Michael J. Conway.