Half-Life client buffer overflow
eip_ger_at_yahoo.de
Date: 09/09/03
- Previous message: Burton M. Strauss III: "RE: Ethernet ( MAC ) Address Reliability"
- Next in thread: xenophi1e: "Re: Half-Life client buffer overflow"
- Maybe reply: xenophi1e: "Re: Half-Life client buffer overflow"
Date: 9 Sep 2003 10:02:20 -0000
To: vuln-dev@securityfocus.com
Hi,
I tried to write my own exploit for the buffer overflow in the Half-Life
client (Counter-Strike mod) up to version 1.1.1.0 (Half-Life).
I overflow the buffer and jump to my shellcode, but every time some bytes are
changed.
There are two calls in my shellcode, and some bytes are always changed after
the first call when I look at the stack after the overflow. With a
debugger I can find my shellcode on the stack and it is executed, but only
up to the first call. After the call opcodes, some bytes (four, five or six)
are changed, and then the rest of my shellcode is OK.
Is the opcode for a call maybe an escape sequence for Half-Life, so that it
changes some values that follow?
Can someone help me, please?