|
Penetration Testing
mailing list archives
RE: buffer overflow offsets?
From: axez () bigfoot com
Date: Thu, 12 Jul 2001 14:05:22 -0000 (/etc/localtime�
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
There is a possibility that exploits you have tried were slightly altered by
their authors to make it harder to use for script kiddies.
AxeZ
On 09-Jul-2001 Ivan D Nestlerode wrote:
Is there a general method for determining the proper
offset for buffer overflow exploits?
The context here is a pen test where I have
gleaned enough information about the target machine
to know that it is running vulnerable network services.
I found exploits for these services, but none of them
worked properly. I suspects the offsets are not correct.
How does one go about tuning these offsets (assuming
I don't know the exact architecture of the target machine
and that I don't have any account on that machine)?
Thanks in advance for any information,
Ivan
------------------------------------------------------------------------------
--------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service
For more information on SecurityFocus' SIA service which automatically alerts
you to
the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
- --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjtMXFwACgkQrYPSDdLHTIArowCeOR4zyUHOFvkjPJynh9f1YCKq
YYgAmgJsyQyGepCyxMW6rGXZw7U6RipW
=GF7o
-----END PGP SIGNATURE-----
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
 By Date 
By Thread
Current thread:
| 
