Metasploit mailing list archives
slowly beginning to understand
From: neil-on-metasploit at restricted.dyndns.org (Neil)
Date: Fri, 17 Sep 2004 19:16:26 -0500
Hey guys, I read the articles sent to me earlier. I am beginning to understand how a network daemon can be exploited. Like in the example mem.c, there was a declaration of a variable that was statically allocated with a 64-byte char or int. I couldn't remember. So if we actually send more than 64 bytes, the daemon experiences a segmentation fault. So in that article, it used gdb to step to each instruction. This is however in the open source world. What if we were trying to reverse engineer a Microsoft or commercial binary network service/daemon, what is the tool to use? Going back to gdb, what should we look for that identifies that a variable was set with a fixed memory allocation?

Thanks guys.
neil