First we disable ASLR; the result is shown in the image above. After that we write a C program. My example program:
#include <stdio.h>
#include <string.h>
int main(int argc, char** argv)
{
    char buffer[500];          /* fixed-size buffer on the stack */
    strcpy(buffer, argv[1]);   /* no length check: longer input overflows buffer */
    return 0;
}
We compile it, load it in a debugger and try to trigger our buffer overflow.
Then we add the -fno-stack-protector and -mpreferred-stack-boundary=2 options when compiling. After that we type run $(python -c 'print "\x41" * 505') and run $(python -c 'print "\x41" * 508') to show the value of eip.
info registers is used to see the contents of the registers: eip, eax, ecx, ebx, etc.
It is used to see how many characters can be entered.
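As an added example (not the author's code): the same 500-byte copy with a length check, plus a helper that shows how far the 505- and 508-character inputs used above run past the buffer. The names copy_checked and bytes_past_buffer are made up for this illustration.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 500  /* same size as buffer[] in the program above */

/* Bytes strcpy() would write past a BUF_SIZE buffer for an input of
 * input_len characters (the terminating NUL is written as well). */
size_t bytes_past_buffer(size_t input_len)
{
    size_t written = input_len + 1;              /* characters + NUL */
    return written > BUF_SIZE ? written - BUF_SIZE : 0;
}

/* Hardened copy: refuses input that does not fit instead of overflowing.
 * Returns 0 on success, -1 if an argument is invalid or src is too long. */
int copy_checked(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;
    /* Look for the NUL within the first dst_size bytes only. */
    const char *nul = memchr(src, '\0', dst_size);
    if (nul == NULL)                             /* no room for string + NUL */
        return -1;
    memcpy(dst, src, (size_t)(nul - src) + 1);
    return 0;
}

int main(int argc, char **argv)
{
    char buffer[BUF_SIZE];

    if (argc < 2) {                              /* argv[1] would be NULL */
        fprintf(stderr, "usage: %s <string>\n", argv[0]);
        return 1;
    }
    if (copy_checked(buffer, sizeof buffer, argv[1]) != 0) {
        fprintf(stderr, "rejected: strcpy would write %zu bytes past buffer\n",
                bytes_past_buffer(strlen(argv[1])));
        return 1;
    }
    printf("copied %zu characters\n", strlen(buffer));
    return 0;
}
```

With this check, the 505- and 508-character inputs are rejected with an error message instead of overwriting memory beyond buffer.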
After that we type list to look at the program we wrote. Then we type break 7 to stop at line 7.
This shows the script from exploit-db....
The picture above is used to see the value after the change.
The image below is used to see the value of eip after the crash.
We run the exploit, but there are minor issues, so I will add NOPs and we run the changed exploit,
and the result is