Vulnerability Development
mailing list archives
Re: problem to exploit a stack overflow
From: <6d79676d61696c6163636f756e74 () gmail com>
Date: 25 May 2005 16:25:25 -0000
In-Reply-To: <433ee3d9050524070923ba6ab5 () mail gmail com>
> So the access violation happened (this time) in the beginning of the
> shellcode!!!? Is that a security feature in XP SP2? Or something
> else? Can someone help me to understand this.
> Thank you
You have overwritten ebp with NOPs... then you are trying to mov the value 63h to ebp-4 and you get an access violation.
Basically what you are trying to do with your shellcode is call the WinExec routine on "cmd" - and for that you are trying to push "cmd" onto the stack, then push a null, then call WinExec.
Unfortunately for you, ebp is not pointing to the stack - you have corrupted it with NOPs, but since you got control of the CPU - you can move whatever value to whatever (accessible) location and fix things...
Also, you can reset all the registers to whatever values you want.
Good luck