Re: Re: understanding buffer overflows
Nov 02 2007 08:35AM
secacc7 hotmail com
Thx.. this was a great example. Yesterday I posted a reply with a different email address, so I think it was not accepted.
I edited your example as follows (maybe it was a bit different, I'm now at work..)
int foo(char *a)
int main(int argc, char * argv)
char shellcode="Your provided shellcode";
printf("Address of Shellcode:%p\n",&shellcode);
// to put the address of shellcode at the correct position of buffer (I've stack randomization on, I think, so it's not static) - in my case I think it was "14"
// don't know the correct conversion:
*(long *)&buffer=(long *)&shellcode;
execlp("./vuln", "vuln", buffer, NULL);
And this worked fine: after executing (./test) I get a result like this:
Address of shellcode: 0xbffff0c0
and gdb also says that eip points to 0xbffff0c0
I think this looks good - does it?
Anyway, I didn't get a new instance of the shell.
I think maybe the shellcode hasn't worked.
Copyright 2010, SecurityFocus