metasploit

Exploit writing tutorial part 2 : Stack Based Overflows – jumping to shellcode

Published July 23, 2009 |

Where do you want to jmp today ? In one of my previous posts (part 1 of writing stack based buffer overflow exploits), I have explained the basisc about discovering a vulnerability and using that information to build a working exploit. In the example I have used in that post, we have seen that ESP […]

Posted in 001_Security, Exploit Writing Tutorials, Exploits | Tagged 41414141, add esp, blind return, buffer, buffer overflow, bytes, dll, eip, findjmp, jmp, jmp esp, jumpcode, metasploit, nop, opcode, pop, pop pop ret, push ret, pwned, reg + offset, ret, shellcode, stack

Exploit writing tutorial part 1 : Stack Based Overflows

Published July 19, 2009 |

By Peter Van Eeckhoutte (corelanc0d3r)

Last friday (july 17th 2009), somebody (nick)named ‘Crazy_Hacker’ has reported a vulnerability in Easy RM to MP3 Conversion Utility (on XP SP2 En), via packetstormsecurity.org. (see http://packetstormsecurity.org/0907-exploits/). The vulnerability report included a proof of concept exploit (which, by the way, failed to work on my MS Virtual PC based XP SP3 En). Another exploit was […]

Posted in 001_Security, Exploit Writing Tutorials, Exploits | Tagged 41414141, buffer, buffer overflow, buffersize, bytes, discover, ebp, eip, esp, exploit, exploit laboratory, exploit writing tutorial, hack, learn, metasploit, nop, nop sled, nop slide, overflow, pattern_create, pattern_offset, pop, push, register, saumil shah, shellcode, sk chong, stack, stack overflow, write

Corelan Cybersecurity Research

:: Knowledge is not an object, it's a flow ::

Exploit writing tutorial part 2 : Stack Based Overflows – jumping to shellcode

Exploit writing tutorial part 1 : Stack Based Overflows

Corelan Training

Donate

Corelan Team Merchandise

Corelan on Slack

Actions

Categories

Hi there!

We have good news for you!