Linux Exploit - Stack Overflow
Meet again, do not ever get bored with me yeah?
on my post this time, will explain how we exploit linux, to stack overflow.
just open a terminal and type as shown below.
after that make a kind of fuzzer script as below. This time I used the language of c.
after compiling with gcc, do as shown below.
after that run with gdb.
command as shown above but does not eliminate the stack protection, to remove, type the command as shown below.
x41 try to send as many as 505 characters and the EIP has not affected the result, try raising to 508, and the result, the character stack EIP x41
then check the value of esp, do as below,
and if the value to 0x41414141 esp it means you laugh just because it fits our expectations, if it is, the next step is to break the ESP value, was undertaken to find out what the ESP value to hit.
ESP values were affected by the reduction did 0xbffff16c address 200 in value, it is used to put shellcode, it is actually free, but here I use the 200 and the result is put into the script bffff0a4 fuzzer, but we make the payload to the target / bin / bash here I use shellcode generator you can find on the internet or download here.
after generate, insert the payload as shown below.
and press enter.
booom!!, you get into root,,
make a cup of coffee and enjoy the time of the victory :)
on my post this time, will explain how we exploit linux, to stack overflow.
just open a terminal and type as shown below.
after that make a kind of fuzzer script as below. This time I used the language of c.
after compiling with gcc, do as shown below.
after that run with gdb.
command as shown above but does not eliminate the stack protection, to remove, type the command as shown below.
x41 try to send as many as 505 characters and the EIP has not affected the result, try raising to 508, and the result, the character stack EIP x41
then check the value of esp, do as below,
and if the value to 0x41414141 esp it means you laugh just because it fits our expectations, if it is, the next step is to break the ESP value, was undertaken to find out what the ESP value to hit.
ESP values were affected by the reduction did 0xbffff16c address 200 in value, it is used to put shellcode, it is actually free, but here I use the 200 and the result is put into the script bffff0a4 fuzzer, but we make the payload to the target / bin / bash here I use shellcode generator you can find on the internet or download here.
after generate, insert the payload as shown below.
and press enter.
booom!!, you get into root,,
make a cup of coffee and enjoy the time of the victory :)
Comments
Post a Comment