Metasploit mailing list archives
Problem in writing exploits
From: thegnome at nmrc.org (Simple Nomad)
Date: Wed, 11 Oct 2006 10:49:53 -0500
On Wednesday 11 October 2006 10:00, Cristiano de Nunno wrote:
> I'm running Ubuntu Dapper, and I followed your advice using echo "0" > /proc/sys/kernel/randomize_va_space to disable stack randomization. Now if I check with gdb the esp reg value is always the same, but when I attempt to exploit the program with metasploit I get "Read: bad address" error and payloads don't work. How can I do?
Essentially you are asking someone else to do all of the heavy lifting. You are giving no details, and even if you did give details it will only spawn another email, and this could go on for weeks in email. I *seriously* recommend you read the books I suggested first. I've done some training in exploit writing basics before, and these books are what I recommend especially to someone starting out. To quote myself from the previous email:
> However all of this is way beyond the list charter. I'd recommend a couple of books, such as "Gray Hat Hacking", "Hacking: The Art of Exploitation", and "The Shellcoder's Handbook".
Good luck, please read and try out all of the examples involving exploit writing in the books first.

-SN