
Generating core dumps of web apps


I saw a video on YouTube where a guy was trying to find a buffer overflow on a remote server. He had turned core dumps on. He allocated a big stream of characters and sent it to the application. The application crashed and a core dump was generated on the user machine, not the server.

How is this possible? I mean, can a user get the state of the memory and registers of a remote application, which he has no privilege on, just because the server crashed?

No, that means the core dump was generated on the server side, am I correct? (If that is the case, then it is futile to rely on core dumps for remote analysis, since you don't have access to them.)

But the point of the video was to discover buffer overflows on remote targets with no privileges on them... Am I missing a point?

Am I missing a detail about generating or accessing core dumps?


Solution

  • OK, I got the answer to this. Kuba, you are right! The user machine and the server are actually the same computer!

    What he did was crashing the server from localhost, to discover a potential buffer overflow vulnerability, for PoC.

    The video is on YouTube, and it's called "Overflow Exploitation, step by step"
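
The answer turns on where a core dump is written. This added example is not part of the original posts. It shows how a Linux host decides where a crashed process's dump goes, from the process's `RLIMIT_CORE` soft limit and `/proc/sys/kernel/core_pattern`. Every outcome is a file or helper program on the machine that ran the process. The function name and the sample patterns are constructed for illustration.

```python
import resource
from pathlib import Path

CORE_PATTERN_FILE = Path("/proc/sys/kernel/core_pattern")  # Linux only


def core_dump_target(core_pattern, soft_limit):
    """Return (kind, detail) for a process that crashes on this host.

    core_pattern: contents of /proc/sys/kernel/core_pattern
    soft_limit:   the process's RLIMIT_CORE soft limit in bytes
    """
    pattern = core_pattern.strip()
    if pattern.startswith("|"):
        # Piped pattern: the kernel starts this helper on the crashing
        # host and writes the dump to the helper's standard input.
        parts = pattern[1:].split()
        return ("pipe", parts[0] if parts else "")
    if soft_limit == 0:
        # File pattern with a zero limit: no core file is written.
        return ("none", "RLIMIT_CORE soft limit is 0")
    if pattern.startswith("/"):
        # Absolute path on the crashing host's filesystem.
        return ("file", pattern)
    # Relative pattern: resolved against the crashed process's working directory.
    return ("file", "<cwd of crashed process>/" + pattern)


if __name__ == "__main__":
    # Live values for the current process on this machine.
    soft, _hard = resource.getrlimit(resource.RLIMIT_CORE)
    live_pattern = CORE_PATTERN_FILE.read_text()
    print("this host:", core_dump_target(live_pattern, soft))

    # Constructed sample settings.
    samples = [
        ("core", 0),
        ("core", resource.RLIM_INFINITY),
        ("/var/crash/core.%e.%p", 1024 * 1024),
        ("|/usr/lib/systemd/systemd-coredump %P %u", 0),
    ]
    for pat, limit in samples:
        print(repr(pat), limit, "->", core_dump_target(pat, limit))
```

None of these outcomes sends the dump back over the connection that triggered the crash, which is why the dump in the video could only be read because client and server were the same computer.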