Security Basics mailing list archives

RE: Buffer Overflow problem

From: "JTH" <jth () visi com>
Date: Tue, 11 May 2004 17:31:36 -0500

Yeah, how could you be so dumb! </sarcasm>

/me doesn't get any of this...

Every exchange like this that I read through at least makes me feel like
I'm a bit closer to understanding shellcode, though.

-----Original Message-----
From: John Vill [mailto:kalookalaa () hotmail com] 
Sent: Tuesday, May 11, 2004 12:56 AM
To: security-basics () securityfocus com
Subject: RE: Buffer Overflow problem

Hello,

I loaded the program today and I was shaking my head even 
before I tried to 
overflow it... I just subtracted a few from the esp to get 
inside the NOP 
sled. The Illegal Instruction came from returning before the 
buffer was 
allocated. I feel like such an ass, sorry for these dumb 
questions, I think 
the esp changed a little when I ran the program. A big thank you to 
Krzysztof and Byrne for your help with this! I wont spam the 
list anymore 
with this stuff =P

_________________________________________________________________
MSN Toolbar provides one-click access to Hotmail from any Web 
page - FREE 
download! http://toolbar.msn.com/go/onm00200413ave/direct/01/

--------------------------------------------------------------
-------------
Ethical Hacking at the InfoSec Institute. Mention this ad and 
get $545 off 
any course! All of our class sizes are guaranteed to be 10 
students or less 
to facilitate one-on-one interaction with one of our expert 
instructors. 
Attend a course taught by an expert instructor with years of 
in-the-field 
pen testing experience in our state of the art hacking lab. 
Master the skills 
of an Ethical Hacker to better assess the security of your 
organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
--------------------------------------------------------------
--------------



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

Current thread:

Buffer Overflow problem John Vill (May 06)
- Re: Buffer Overflow problem Krzysztof Godlewski (May 07)
- <Possible follow-ups>
- RE: Buffer Overflow problem Steven Trewick (May 07)
  - RE: Buffer Overflow problem Shaun Colley (May 10)
- Re: Buffer Overflow problem John Vill (May 10)
  - Re: Buffer Overflow problem Krzysztof Godlewski (May 10)
- RE: Buffer Overflow problem John Vill (May 11)
  - RE: Buffer Overflow problem JTH (May 12)