Security Basics mailing list archives
Re: Re: wargame issue
From: justinvinn () gmail com
Date: 16 Sep 2005 18:09:50 -0000
Adam, I to have played hackerslab, and while I got bored before getting to this level, I have helped a friend of mine complete it, and maybe I can be of some help to you. If I recall correctly, this is just a simple stack based overflow. What you do is inject some specially crafted data into the buffer. This data should contain a NOP sled (usually \x90, or any other character (eg: A [\x41]) repeated over and over again. The second part of this data is a piece of shellcode. for hackerslab, I seem to recall that you will want x86 Linux shellcode. The next bit is just the return address that you want to overflow, repeated a bunch of times. Remember, this you must revers this address before you inject it, due to Little Endian byte ordering (thus 0xbfffab becomes \xab\xff\xbf). Another thing to keep in mind, is that the NOP sled + shellcode + return address block(s) must be divisible by 4. GL, and hoped that helped some ;-) peace, --n3w7yp3
Current thread:
- wargame issue haad (Sep 13)
- <Possible follow-ups>
- Re: wargame issue cabeca (Sep 14)
- Re: wargame issue haad (Sep 15)
- Re: Re: wargame issue justinvinn (Sep 16)