Re: Some help With BOF Exploits Writing. - EAX ?!

[master of chaos - lord of mean <losTrace () gmx de>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

only changing registers does not make a lot of sense.
the thing is:
registers can be thought of as variables. you use them to store data.
IF your program uses EAX as a function-pointer, thus doing a jmp EAX,
or it stores EAX in some location used for function-pointers, then storing
your shellcode-address there would mean that you overwrite the function-
pointer with a pointer to your code. when the jmp or call is done, your
code will be executed.
now if it does not, just check what EAX is used for and check if you can't
use it in another way, e.g. an integer-overflow or whatever.

you should also check the vuln-dev-challenges. they occured some weeks
ago. check out the archives of vuln-dev.

BTW: you should read some basic assembly-books ;)

- - 
 This is a .signature-virus. If you see this, copy it into your .signature!
 If you don't know what a .signature is, you've most probably been infected
 by another virus of name Microsoft. In this case, please remove yourself
 from my fov or infect yourself with linux ;) || GPG public key available
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/KWNfWCFHEwXrEHMRAmePAJ43HaFpxKcfz7iyMRv8EllZsFLsBACgjpeM
/QMe/li+Tjdtoljdwl76zUY=
=VS+q
-----END PGP SIGNATURE-----