Hi. I'm learning ASM, C and Perl at the moment to gain more computer knowledge within the art of hacking. And all I want to know is, when finding buffer overflows within programs that have been compiled, how do you find that an exploit can be exploited? I'm not asking to be spoon-fed, because I like to learn for myself. My guess is studying an application in ASM and seeing if it can be exploited. Thank you for your time.
Do some research on the topic of fuzzing. That'll get you started.
Consider also a higher-level scripting language (such as Lua or Python) rather than shellcode, as most systems now effectively trap buffer overflows. (We hope.)
I agree; you will need to learn some procedural language first of all.
Lua (my little installer for BT under Windows was made in Lua) is the best, I think.
Python is really powerful.
The new Metasploit Framework is coded in Ruby, so if you plan on using it to develop an exploit after you find a vulnerability, it would be useful to be proficient in Ruby. Black foot is right: fuzzing is the technique used for finding vulnerabilities. BackTrack comes with some very useful fuzzers, but even before that you must learn about the stack, breakpoints, the EIP and a lot of other things. Otherwise you won't know a vulnerability when you see it.
Well, thank you guys very much, I mean that. I shall look into it now; I do know a bit of ASM. I wanna learn this stuff to get good at it. I don't really like using Metasploit, because I'd wanna learn how to find them and exploit them, not just click, config, exploit (not my thing). Thanks people :-D
Script kiddies = n00bs
I agree on writing your own exploit, as I am learning C and Python to write mine, but don't consider Metasploit to be completely noob. Tinker with Metasploit to get a feel of how the exploit works; after executing an exploit and its payload, you can look at the source code to view how it did it, for an idea for your own exploit. Then further enhance it.
I had a quick look at ASM as I could not recall that the boys at Grenoble were doing anything of interest in this sector.
ASM appears to manipulate Java classes in an adaptable environment. It presumes extensive write permissions. Whilst it does indeed adapt bytecode, I do not see it as approaching anything in a usable form to run alongside, nor to replace, shellcoding.
To use this (ASM) restricts your activity to Java classes only, and the likelihood of finding (in my opinion) the precise memory location of a class to adapt, and maintaining the memory footprint without prior knowledge of the model which one is adapting dynamically, is at best difficult and certainly time-consuming.
I accept that metasploit is dependent on ruby. I overlooked that important point.
Best of luck in your quest! By all means write again if you wish any of us to expand points.
I have tried a tutorial concerning BOF and it doesn't work. Any idea? Maybe a buffer overflow protection in BackTrack?
Read up on how overflows work and answer the question yourself.
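The last question, a tutorial overflow that no longer works, is usually explained by the protections a modern toolchain and kernel add: a non-executable stack, position-independent executables and stack canaries. As an added example (not code from anyone in this thread), the Python script below reads those flags straight from a binary's ELF64 headers; `build_sample` fabricates a minimal ELF image purely so the checker can be exercised offline, and the canary check is a name-based heuristic.

```python
import struct
import sys

# ELF constants (from the ELF64 specification)
ET_EXEC, ET_DYN = 2, 3
PT_GNU_STACK = 0x6474E551
PF_X, PF_W, PF_R = 1, 2, 4

def check_elf_mitigations(data: bytes) -> dict:
    """Report the stack/code-layout protections recorded in an ELF64 image."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    if data[4] != 2:
        raise ValueError("only ELF64 is handled here")
    end = "<" if data[5] == 1 else ">"  # EI_DATA: 1 = little-endian, 2 = big-endian
    e_type = struct.unpack_from(end + "H", data, 16)[0]
    e_phoff = struct.unpack_from(end + "Q", data, 32)[0]
    e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 54)
    # None means no PT_GNU_STACK entry at all: the kernel then applies its
    # default, which with old toolchains meant an executable stack.
    nx_stack = None
    for i in range(e_phnum):
        p_type, p_flags = struct.unpack_from(end + "II", data, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_STACK:
            nx_stack = not (p_flags & PF_X)
    return {
        "nx_stack": nx_stack,
        # ET_DYN is what a PIE executable (and also any shared library) is marked as
        "pie": e_type == ET_DYN,
        # heuristic: the glibc canary-failure symbol is referenced by name when at
        # least one function was built with -fstack-protector
        "stack_protector": b"__stack_chk_fail" in data,
    }

def check_file(path: str) -> dict:
    with open(path, "rb") as fh:
        return check_elf_mitigations(fh.read())

def build_sample(exec_stack: bool, pie: bool, canary: bool) -> bytes:
    """Constructed minimal ELF64 image (header + one PT_GNU_STACK entry); test input only."""
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + b"\x00" * 8
    hdr = ident + struct.pack("<HHIQQQIHHHHHH", ET_DYN if pie else ET_EXEC,
                              0x3E, 1, 0, 64, 0, 0, 64, 56, 1, 64, 0, 0)
    flags = PF_R | PF_W | (PF_X if exec_stack else 0)
    phdr = struct.pack("<IIQQQQQQ", PT_GNU_STACK, flags, 0, 0, 0, 0, 0, 0x10)
    return hdr + phdr + (b"__stack_chk_fail\x00" if canary else b"")

if __name__ == "__main__":
    for path in sys.argv[1:]:
        print(path, check_file(path))
```

System-wide ASLR is a kernel setting (`/proc/sys/kernel/randomize_va_space` on Linux), not a property of the binary, so it is not visible from the headers.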