Vulnerability Development mailing list archives
Re: problem to exploit a stack overflow
From: <6d79676d61696c6163636f756e74 () gmail com>
Date: 25 May 2005 16:25:25 -0000
In-Reply-To: <433ee3d9050524070923ba6ab5 () mail gmail com>
So the access violation happened (this time) in the beginning of the shellcode!!!? Is that a security feature in XP SP2, or something else? Can someone help me to understand this? Thank you.
You have overwritten ebp with nops... then you are trying to mov the value 63h to ebp-4 and you get an access violation. Basically, what you are trying to do with your shellcode is call the winexec routine on "cmd" - and for that you are trying to push "cmd" onto the stack, then push a null, then call winexec. Unfortunately for you, ebp is not pointing to the stack - you have corrupted it with nops, but since you got control of the CPU, you can move whatever value to whatever (accessible) location and fix things... Also, you can reset all the registers to whatever values you want. Good luck.