Vulnerability Development mailing list archives
Re: sample buffer overflow exploit problem
From: Ganbold <ganbold () micom mng net>
Date: Wed, 01 Oct 2003 09:07:23 +0900
Hi,
Thanks for the reply. The host is not firewalled. I tested the shellcode using a function pointer. It works.
I'm debugging the sample server daemon using gdb. When I put a wrong return address and place the shellcode a little bit before 1001 - sizeof(shellcode) in the exploit, I can see my shellcode and return address fully when I issue the command x/200bx $esp-200.
But when I put the correct return address, I see part of my shellcode at the end of the x/200bx $esp-200 command. I tried it so many ways, placing the shellcode in different places, choosing different return addresses, etc. No result.
What should I do?
Ganbold
At 01:25 AM 9/30/2003 +0000, you wrote:
In-Reply-To: <Law9-F106Dc41W2ufyW00009d1f () hotmail com>
>You say that you can connect after the exploit, but then the connection gets
>dropped immediately afterwards... is there a firewall in place?
>also could possibly be hitting partly into the shellcode (after nops, and in the middle of the shellcode), not fully processing the code correctly.