The PIC Buffer Overflow

As injecting RF4CE packets was possible, I started fuzzing the STB by sending it crafted packets.

I quickly noticed that sending large RF4CE data frames sometimes had surprising effects on the PIC. Depending on the length and content of the payload data, the microcontroller sometimes froze or even reset.

It obviously looked like a buffer overflow. But how to exploit a buffer overflow on a PIC microcontroller? Is there anything “evil” to achieve considering this PIC is only used for basic functions?

To answer these questions, I’ll first have to introduce the basics of the PIC Enhanced Mid-Range architecture. Readers already familiar with it may feel free to skip this section. I’ll then highlight the points that make “exploiting” a buffer overflow on such a device tricky.

“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
