First, this is NOT a black hacking attempt. I am trying to learn about buffer overflows. I have made my own vulnerable TCP server. It just receives data in a buffer and copies it to another, smaller one.
I have tried with a 20-byte buffer. I send this shellcode:
mov eax, 0xDEADBEEF
mov ebx, 0xDEADBEEF
mov ecx, 0xDEADBEEF
I have sent:
15 bytes of shellcode
5 trash bytes to reach buffer limit
4 bytes to overwrite EBP
4 bytes to overwrite EIP (ret addr)
But doing this with a bigger buffer, say 60 bytes, when I add the trash needed to reach the buffer limit, the app overflows, but it doesn't run anything. And EIP points to an unknown place.
I am looking for tutorials, but they don't say how to address this issue.
Thanks for your help.
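Added example, not part of the original post or the poster's server: the copy into the 20-byte buffer described above, with the length checked before anything is written, so the 28-byte message (15 + 5 + 4 + 4) is rejected instead of reaching saved EBP and the return address. The names copy_message and guard_intact_after, the 128-byte receive buffer and the guard struct are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define DEST_SIZE 20   /* the small buffer from the post */
#define RECV_SIZE 128  /* receive buffer size: assumed, not given in the post */

/* The copy the post describes, shown for comparison only:
 *     char dest[DEST_SIZE];
 *     memcpy(dest, recv_buf, recv_len);    length chosen by the sender
 * In the layout the post gives, bytes 21..28 of the 28-byte message land
 * on the saved EBP and the return address. */

/* Bounded copy: validate the length against the destination before writing.
 * Returns the number of bytes copied, or -1 if the message is rejected. */
int copy_message(char *dest, size_t dest_size, const char *src, size_t src_len)
{
    if (dest == NULL || src == NULL || dest_size == 0)
        return -1;
    if (src_len >= dest_size)           /* keep one byte for the terminator */
        return -1;
    memcpy(dest, src, src_len);
    dest[src_len] = '\0';
    return (int)src_len;
}

/* Constructed stand-in for a stack frame: guard[] plays the role of the
 * saved EBP and return address that sit after the buffer.
 * Returns 1 if the guard bytes are untouched after handling the message. */
int guard_intact_after(const char *recv_buf, size_t recv_len, int *result)
{
    struct { char dest[DEST_SIZE]; unsigned char guard[8]; } frame;
    size_t i;
    memset(frame.guard, 0xA5, sizeof frame.guard);
    *result = copy_message(frame.dest, sizeof frame.dest, recv_buf, recv_len);
    for (i = 0; i < sizeof frame.guard; i++)
        if (frame.guard[i] != 0xA5)
            return 0;
    return 1;
}

int main(void)
{
    char msg[RECV_SIZE];
    int r;
    memset(msg, 'A', sizeof msg);       /* constructed filler, not shellcode */
    printf("28 bytes: intact=%d", guard_intact_after(msg, 28, &r));
    printf(" result=%d\n", r);
    return 0;
}
```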