Re: buffer overflow to spawn shell
From: Gareth Bromley (gbromley_at_intstar.com)
Date: 02/02/05
- Previous message: info76: "test"
- In reply to: coollink: "Re: buffer overflow to spawn shell"
- Next in thread: payton: "Re: buffer overflow to spawn shell"
- Reply: payton: "Re: buffer overflow to spawn shell"
Date: Wed, 02 Feb 2005 21:20:34 GMT
coollink wrote:
> Payton, what he's telling you is you need to rename the program
> name (which is the string stored in argv[0]) to be a buffer with your
> nop sled and shellcode in it. The way I'd exploit would be to rename it
> with this command:
> mv "execname" `perl -e 'print "\x90"xhoweverlongnopsledis;'``cat shellcode`
> Of course this command implies you have a plain file in the directory
> called shellcode with your shellcode in it.
> If you can't create a file in the directory, change the command to be
> mv "execname" `perl -e 'print "\x90"xhoweverbignopsledis;'`blahblahblah<------shellcode here instead of blahs.
And the other thing to watch out for is to ensure that the shellcode you
use consists of printable ASCII instructions.
A good set of texts on this is contained within 'HACKING The Art of
Exploitation' by Jon Erickson.
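
Added example, not part of the original thread: the thread turns on argv[0] being caller-controlled data, so this sketch shows the defensive side, a bounded copy of the program name that rejects over-long or non-printable names. The function name `copy_progname`, the status codes and the 64-byte buffer are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define PROGNAME_BUF 64 /* assumed size of the destination buffer */

enum name_status { NAME_OK = 0, NAME_NULL, NAME_TOO_LONG, NAME_NONPRINTABLE };

/* Copy the basename of argv0 into dst (capacity dstsz, including the NUL).
 * argv[0] is chosen by whoever named or exec'd the binary, so it is
 * treated like any other untrusted input. On failure dst is left empty. */
enum name_status copy_progname(char *dst, size_t dstsz, const char *argv0)
{
    if (dst == NULL || dstsz == 0)
        return NAME_NULL;
    dst[0] = '\0';
    if (argv0 == NULL)              /* execve() permits an empty argv */
        return NAME_NULL;

    const char *base = strrchr(argv0, '/');
    base = base ? base + 1 : argv0;

    /* The length check is what prevents the overflow. */
    size_t len = strlen(base);
    if (len >= dstsz)
        return NAME_TOO_LONG;

    /* Hygiene only: bytes such as 0x90 are refused, but a payload made of
     * printable ASCII would pass this filter, so it is not the defence. */
    for (size_t i = 0; i < len; i++)
        if (!isprint((unsigned char)base[i]))
            return NAME_NONPRINTABLE;

    memcpy(dst, base, len + 1);     /* len + 1 <= dstsz, includes the NUL */
    return NAME_OK;
}

int main(int argc, char **argv)
{
    char name[PROGNAME_BUF];
    enum name_status st =
        copy_progname(name, sizeof name, argc > 0 ? argv[0] : NULL);
    if (st != NAME_OK) {
        fprintf(stderr, "refusing program name (status %d)\n", (int)st);
        return 1;
    }
    printf("running as %s\n", name);
    return 0;
}
```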