Re: Exploiting network services question
On Tue, 21 Dec 2004 just-a-nick@xxxxxxx wrote:
> It is (nearly) anything I want, it has to be printable...
Hmm. That might mess up some things... usually on Linux/BSD the stack
starts in the 0xbfbffxxx range and grows down...
> But the service is remote, so I can't use gdb... Is there an elegant way to
> exploit this kind of vulnerability or do I have to brute-force it?
What OS is it running? Is it an open source program? If you can run that
OS on similar (like the same CPU/number of CPUs) and run that program,
then you can run gdb on it too. The stack should be in a similar place --
you might have to fudge it a bit with a NOP sled, pointing eip somewhere
in the middle of the NOP sled.