Vulnerability Development mailing list archives

Re: exploit development - weirdness??


From: <bkazaz () gmail com>
Date: Tue, 27 Dec 2005 23:20:56 +0200

Hi,
I'm not sure about this (I don't know much stuff) but maybe it is
because all system calls and signals going in and out of a debugged
process always pass through the debugger. Maybe the process doesn't
handle some signal well, but when the debugger is present, it is
delivered fine (because the debugger gets it first).
Is there a way to produce a core dump (I don't use Windows)? Have you
tried using a different debugger? You can also try something else: try
attaching the debugger at various points of the exploit's execution.

Hope I helped...
AsCii

On 27 Dec 2005 14:04:48 -0000, RaMatkal () hotmail com
<RaMatkal () hotmail com> wrote:
having one of those days....I'm about ready to put my foot through my computer....

writing stack overflow on win32 arc...

I overflow eip with a pop/pop/ret, jump to my bind shellcode and I'm away.....all works perfectly but....

when I attach to the process with my debugger and step through the exploit, it works 100% of the time....however,
when I try and exploit the server without the debugger attached, the service just seems to crash.....

anyone have any idea what could cause this sort of behaviour?
anyone have an idea how I can take a look at what is going wrong? remember, when I attach my debugger it works!!!

Thanks in advance,
RaMatkal