Security Basics mailing list archives

Exploit writing when EIP is not corrupted but EDX, EBP register are having user supplied data

From: praveen_recker () sify com
Date: 5 Jul 2010 15:41:31 -0000

I had a condition where "EDX and EBP registers are filled with user supplied data but EIP is not getting corrupted".
How can I write a working exploit to this?

Please give your inputs and if possible point to me to some whitepapers if available.

Best Regards,
Praveen Darshanam

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

Exploit writing when EIP is not corrupted but EDX, EBP register are having user supplied data praveen_recker (Jul 05)
- Re: Exploit writing when EIP is not corrupted but EDX, EBP register are having user supplied data Michal Zalewski (Jul 05)
- <Possible follow-ups>
- Re: Exploit writing when EIP is not corrupted but EDX, EBP register are having user supplied data alkindi (Jul 06)