Getting address of shellcode into ESP? - HeapOverflow Computer Security Community & Forums : Heap Overflow.com

HeapOverflow Computer Security Community & Forums : Heap Overflow.com

		HeapOverflow Computer Security Community & Forums : Heap Overflow.com > Computer Security: Discussions > Hacking
Getting address of shellcode into ESP?

Mark Forums Read

Notices

Welcome to you visitor! This community is mainly dedicated to the computer and security, if you're looking for DFind scanner or others exploits codes you will find them into the Projects section, feel free to start Blogging and remember to always keep an eye and start talking about security Advisories & public Exploits.

Hacking Discuss the art of hacking, your experiences, etc...

Getting address of shellcode into ESP?

This is a discussion on "Getting address of shellcode into ESP?" within the Hacking part of the Computer Security: Discussions section; There is a remote vulnerability in a multiplayer game. I am new to this but have been able overflow the buffer and change the return address to one that points to `call esp` inside kernel32.dll. I've read several ...

Reply

#1 (permalink)

Old

02-02-09

danny3 is offline

Junior Member

Join Date: Feb 2009

Age: 24

Posts: 2

Thanks: 0

Thanked 0 Times in 0 Posts

Rep Power: 3

danny3 is on a distinguished road

Default

Getting address of shellcode into ESP?

There is a remote vulnerability in a multiplayer game. I am new to this but have been able overflow the buffer and change the return address to one that points to `call esp` inside kernel32.dll.

I've read several articles but I'm still not sure how I would overwrite ESP register or somehow get the address of my shellcode into it?

I'm sending the data like this...

[Normal data]
[OVERFLOW AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA]
[Return Address - call esp]
[Shellcode?]

Doing the above works on a simple vulnerable program I wrote (testing locally), but the shellcode doesn't get executed on the game. It goes to 'call esp' but how do I get ESP to point to location of my shellcode?

Last edited by danny3; 02-02-09 at 20:50.

Reply With Quote

Sponsor

Advertiser

#2 (permalink)

Old

06-02-09

danny3 is offline

Junior Member

Join Date: Feb 2009

Age: 24

Posts: 2

Thanks: 0

Thanked 0 Times in 0 Posts

Rep Power: 3

danny3 is on a distinguished road

Default

Re: Getting address of shellcode into ESP?

I figured it out.

Ya'll suck... :/

Reply With Quote

#3 (permalink)

Old

14-02-09

fl0 fl0w is offline

Junior Member

Join Date: Dec 2007

Age: 21

Posts: 21

Thanks: 3

Thanked 11 Times in 8 Posts

Rep Power: 8

fl0 fl0w is on a distinguished road

Default

Re: Getting address of shellcode into ESP?

Can you maybe tell us what game it is ?

Reply With Quote

Sponsor

Advertiser

Reply

Tags
esp, register, shellcode, windows

« Can Any One Learn Me Overflow Or Give Some informations | About Hacking... »

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is On HTML code is Off Trackbacks are On Pingbacks are On Refbacks are On

heapoverflow.com - SEOmeter SEO tools

Locations of visitors to this page

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110