Re: sample buffer overflow exploit problem

[Ganbold <ganbold () micom mng net>]

Hi,

Thanks for reply. Host is not firewalled. I tested shellcode using function 
pointer. It works.

I'm debugging sample server daemon using gdb. When put wrong return address 
and place shellcode little bit before
1001 - sizeof(shellcode) in exploit I can see my shellcode and return 
address fully when I issue command x/200bx $esp-200.

But when I put correct return address I see part of my shellcode at the end 
of x/200bx $esp-200 command.
I tried it so many ways, placing shellcodes in different place, choosing 
different return addresses etc. No result.

What should I do?

Ganbold


At 01:25 AM 9/30/2003 +0000, you wrote:
> In-Reply-To: <Law9-F106Dc41W2ufyW00009d1f () hotmail com>
>
> >You say that you can connect after the exploit, but then the connection 
> gets
>
> >dropped immediately afterwards... is there a firewall in place?
>
> >
>
>
>
> also could possibly be hitting partly into the shellcode(after nops, and 
> in the middle of the shellcode), not fully processing the code correctly.