Vuln Dev
Re: Re: Help developing exploit May 27 2007 12:15PM
KaCo678 aol com (1 replies)
Re: Help developing exploit May 28 2007 01:37AM
Valdis Kletnieks vt edu
On Sun, 27 May 2007 12:15:38 -0000, KaCo678 (at) aol (dot) com [email concealed] said:

> If i look into the esp memory to find my 0x90 nop sled the adress where its
> at is 0013f318 but im sure im not able to use a null byte..

The standard solution here is that rather than having 0x0013f318 as the
target address, you do something like this:

load register,=x'90836388'
xor register,=x'90909090'
(code to branch to where that register now points)

Or declare the target address as x'9013f318' and 'xor immediate' a x'90'
into the first byte... or other similar scheme...


Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001


[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus