
Security Forums


Buffer Overflow: my "shell"-code does not work

vaderlicious

Posted: Fri Oct 31, 2008 4:17 pm    Post subject: Buffer Overflow: my "shell"-code does not work

Hi!

I am occupying myself with Buffer Overflows. So I have learned how to modify the return address by a too long input. The program execution continues at another point in the memory, where I have put my Assembler-Code.

I have tried writing a simple "hello-world"-assembler-program, which I wanted to execute by buffer overflow. But although the EIP register contained the right memory address, errors occurred when debugging my (overflowed) program:

Code:
No function contains program counter for selected frame

Code:
Cannot find bounds of current function


So I have three questions:

1. What is generally the best way to convert my asm listing into a hex string? Do I have to use inline assembler in C++ or is there a better possibility?

2. Is it enough to change the EIP register, so that it points to my address in the memory? Or is there anything else I have to do? (see the errors above)

3. In many tutorials, they put asm-commands like JMP or CALL at the beginning of their asm-code, which they want to be executed. Why do they do that?




Sincerely yours
_vaderlicious
Iñaki Viggers

Posted: Fri Nov 07, 2008 5:37 pm    Post subject:

Hi Vaderlicious,
Answering your questions:
1. Just assemble the asm code and display it with a low-level debugger or hex viewer. No, you don't need inline assembly to exploit a binary. A keyboard is enough.
2. & 3. It depends on the implementation or how the compiler uses the registers. Exploits are one of those fields that should be considered an art rather than a method with rigid steps and rules.

Please post the program you want to exploit (executable).

Thank you.

Iñaki Viggers
All times are GMT + 2 Hours