Vulnerability Development mailing list archives
Half-Life client buffer overflow
From: <eip_ger () yahoo de>
Date: 9 Sep 2003 10:02:20 -0000
Hi, I tried to write my own exploit for the buffer overflow in the Half-Life client (Counter-Strike mod) up to version 1.1.1.0 (Half-Life). I overflow the buffer and jump to my shellcode, but every time some bytes are changed. There are two calls in my shellcode, and when I look at the stack after the overflow, some bytes are always changed after the first call. With a debugger I can find my shellcode on the stack, and it is executed, but only up to the first call. After the call opcodes, some bytes (four, five or six) are changed, and then the rest of my shellcode is OK. Is the opcode for a call maybe an escape sequence for Half-Life, so that it changes some of the values that follow? Can someone help me, please?