Corelan — Integer Overflows — Exercise Solution
At the end of the Corelan — Root Cause Analysis — Integer Overflows article by Jason Kratzer (pyoor), there is a challenge to complete an integer overflow exploit for the GOM Media Player 2.1.43.5119 using a generic Heap Lookaside List Overwrite technique.
In this article I will cover all of the steps involved in slowly navigating the heap to gain arbitrary code execution. I assume you have studied pyoor’s excellent article and are familiar with the specifics of the integer overflow vulnerability in the GOM Media Player. This allows me to…