Penetration Testing mailing list archives
buffer overflow offsets?
From: Ivan D Nestlerode <nestler () MIT EDU>
Date: Mon, 09 Jul 2001 15:42:55 -0400
Is there a general method for determining the proper offset for buffer overflow exploits? The context here is a pen test where I have gleaned enough information about the target machine to know that it is running vulnerable network services. I found exploits for these services, but none of them worked properly. I suspects the offsets are not correct. How does one go about tuning these offsets (assuming I don't know the exact architecture of the target machine and that I don't have any account on that machine)? Thanks in advance for any information, Ivan -------------------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- buffer overflow offsets? Ivan D Nestlerode (Jul 09)
- RE: buffer overflow offsets? axez (Jul 11)