Metasploit mailing list archives
[Semi OT] Auto return address / padding discovery - is it possible?
From: Konrads Smelkovs <konrads () smelkovs com>
Date: Sat, 21 Nov 2009 15:48:47 +0200
Once in a while I stumble across a vulnerable system for which I don't have a ret address. The official solution is then to obtain the same version of the OS and software, load a debugger and discover the new address. I wonder how difficult it would be to use some brute-forcing and try to discover the return address. Taking a step further, if during testing of, say, an appliance one would discover a likely stack/heap overflow, to try to guess the padding?

--
Konrads Smelkovs
Applied IT sorcery.