Ransom Lockbit 3.0 MVID-2022-0620 Buffer Overflow
Posted by deepcore on July 4, 2022 – 9:24 pm
Lockbit ransomware version 3.0 apparently now requires a password to execute as noted by “@vxunderground”, but does not properly check bounds for both the -pass and -k arguments. Supplying a long string of characters for either flag will trigger a unicode stack buffer overflow overwriting the ECX register and structured exception handler (SEH).
Post a reply
You must be logged in to post a comment.