Vulnerability Development mailing list archives

Re: problem in rewrite RET address in Buffer OverFlow


From: behrang () hat-squad com
Date: Wed, 26 Oct 2005 09:20:28 +0000

You should find all DLLs imported by the vulnerable program and then do a search
for the required opcode (in this case jmp esp) to find memory addresses that do
not contain NULLs. If there is no suitable address, then you should think
about using other possible methods like SEH exploitation or ret encoding.

Behrang Fouladi





