Re: sample buffer overflow exploit problem


Thanks for the reply. The host is not firewalled. I tested the shellcode using a function pointer. It works.

I'm debugging the sample server daemon using gdb. When I put a wrong return address and place the shellcode a little bit before 1001 - sizeof(shellcode) in the exploit, I can see my shellcode and return address fully when I issue the command x/200bx $esp-200.

But when I put the correct return address, I see part of my shellcode at the end of the x/200bx $esp-200 command. I tried it so many ways, placing the shellcode in different places, choosing different return addresses, etc. No result.

What should I do?


At 01:25 AM 9/30/2003 +0000, you wrote:
>You say that you can connect after the exploit, but then the connection gets
>dropped immediately afterwards... is there a firewall in place?


also could possibly be hitting partly into the shellcode (after nops, and in the middle of the shellcode), not fully processing the code correctly.