Penetration Testing mailing list archives
RE: buffer overflow offsets?
From: axez () bigfoot com
Date: Thu, 12 Jul 2001 14:05:22 -0000 (/etc/localtime
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 There is a possibility that exploits you have tried were slightly altered by their authors to make it harder to use for script kiddies. AxeZ On 09-Jul-2001 Ivan D Nestlerode wrote:
Is there a general method for determining the proper offset for buffer overflow exploits? The context here is a pen test where I have gleaned enough information about the target machine to know that it is running vulnerable network services. I found exploits for these services, but none of them worked properly. I suspects the offsets are not correct. How does one go about tuning these offsets (assuming I don't know the exact architecture of the target machine and that I don't have any account on that machine)? Thanks in advance for any information, Ivan ------------------------------------------------------------------------------ -------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
- -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjtMXFwACgkQrYPSDdLHTIArowCeOR4zyUHOFvkjPJynh9f1YCKq YYgAmgJsyQyGepCyxMW6rGXZw7U6RipW =GF7o -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- buffer overflow offsets? Ivan D Nestlerode (Jul 09)
- RE: buffer overflow offsets? axez (Jul 11)