Examining crashes
Hi All,

This is my first dive into looking at real exploit research. As I can now do a basic overflow on code I wrote and get a shell, I want to start looking at existing exploits and modifying them.

I'm looking at the melange chat server 1.10 exploit: this one http://www.securiteam.com/exploits/6W00L1F6AS.html and this one http://www.securiteam.com/unixfocus/6B00N006AU.html, more code at http://felinemenace.org/~circut/. They seem fairly straightforward and documented. There is also a DoS exploit involving the /yell command and sending 600 chars.

How can I see what happens and examine the stack output when doing this? Will I get a core dump from melange, and where will it be? When I compile it, should I add the symbols table to make debugging easier? How would you approach it?

What I am looking for is to be able to point EIP to my NOP sled and then execute port-binding shellcode. So I need to find EIP from the stack dump, which will be in the core dump.

Cheers
Well, if you're on any *nix OS you can always just open up the app itself with gdb, then crash it to examine the stack. Even though it's a GUI program it will work like running any other small program with gdb :P
Me, I do not do this under Linux, this is not fun, so I can't help you.