Type: Posts; User: oib111; Keyword(s):

  1. Replies
    42
    Views
    5,538

    So I used the OllySSEH plugin to scan all the modules for SafeSEH and all the ones that supported SEH had SafeSEH on, so I can't do anything with that. Thanks for the help though. If I have the time I'll...
  2. Replies
    42
    Views
    5,538

    Thanks for all the info. I'll look at some of those links you gave me and do some searching of my own to try to find some methods for getting past safeSEH
  3. Replies
    42
    Views
    5,538

    Yeah, it doesn't get hit.
  4. Replies
    42
    Views
    5,538

    Here's a download link: https://www.securinfos.info/old_softwares_vulnerable/3Com_Daemon_2r10.exe

    Also, if I overwrite EIP with a valid return address that happens (what's in the picture).
  5. Replies
    42
    Views
    5,538

    No because then the EIP isn't valid and it just crashes.
  6. Replies
    42
    Views
    5,538

    Well it seems that the POP POP RETs that don't start with 0x00 are in DLLs so ASLR will always be a problem there. I might do some googling on ASLR bypass, but if not I will just do this on XP.
    ...
  7. Replies
    42
    Views
    5,538

    Oh ok, so I don't have to worry about SEH at all. Also, since 0x00 is a bad character and Windows 7 implements ASLR, how exactly can I jump to the POP POP RET in ntdll? Is there any way to bypass...
  8. Replies
    42
    Views
    5,538

    Thanks, that's just what I needed. Uh, just a little question, it seems like the 0x00 might be a bad character, but since the other POP POP RET I found that started with 0x77 was in ntdll, so of...
  9. Replies
    42
    Views
    5,538

    Thanks for the link. Also, I was doing some investigating and I followed the third address on the stack (the one that points back into my buffer) in the stack instead of in the dump and I got this:
    ...
  10. Replies
    42
    Views
    5,538

    Now, if the problem persists, it is possible that 0xEB is a bad character, right?
  11. Replies
    42
    Views
    5,538

    Ah, a new line feed. How do I get around this, just jump a little farther? Also, I believe I asked this question in the thread, but it went unanswered, how do I know which characters I can't use in...
  12. Replies
    42
    Views
    5,538

    I did that before, it didn't get any that didn't start with 0x00. I just went into the Executable Modules list in Olly, found ntdll and searched for pop edi and pop esi neither of which helped so I...
  13. Replies
    42
    Views
    5,538

    I'm not trying the USER exploit, I'm trying an exploit on the MKD command. I'll look in ntdll, but I'm not sure how to search for a sequence of commands in Olly, especially something like POP POP RET...
  14. Replies
    42
    Views
    5,538

    I know I tested to see if it'd crash on 0x42424242 but I don't remember the results and I can't test right now because my network is down and can't get Virtual PC working with my neighbor's network....
  15. Replies
    42
    Views
    5,538

    Thanks, that's work although I did it slightly differently (put the NOPs first) and there are some extra bytes to account for. But, something isn't working. My overflow buffer is:



    jmp =...
  16. Replies
    42
    Views
    5,538

    I checked the four bytes at the address pointed to by ESP and EBP and neither seem to be near or in my buffer. That address on the stack you pointed out works great (kind of). I scanned the file...
  17. Replies
    42
    Views
    5,538

    Ah, thanks for those suggestions, I'll look into that right now.

    EDIT:

    Ok, couldn't find any registers that referred to an address that pointed back to my buffer, but I did find something in...
  18. Replies
    42
    Views
    5,538

    First Time Writing a BoF Exploit (Stuck)

    So I have BT4 running in a Virtual Machine, and I have Windows 7 as the host computer. I'm trying to write my own Buffer Overflow exploit for an old, vulnerable, version of 3COM FTP, but I'm stuck. I...
  19. Replies
    6
    Views
    2,475

    Wow, thanks! Just a few questions. uint_fast_64_t is a 8 byte integer and uint_fast_32 is a 4 byte integer? Also, what is the source to Set48, Set32, MakeValid_IP4_Transport, and SendEtherFrame...
  20. Replies
    6
    Views
    2,475

    [C++]Constructing Packets

    I want to start programming some of my own tools for hacking (such as ARP Spoofs, sniffers, etc), but I don't get how to construct my own packets. I mean I get it would be something like:



    char...
  21. Thread: Can't connect to WLAN

    by oib111
    Replies
    19
    Views
    2,936

    When I try connecting via terminal it never gets DHCP, but I'll try (I'll also try manual configuration). But how do I manually configure my settings?
  22. Thread: Can't connect to WLAN

    by oib111
    Replies
    19
    Views
    2,936

    Progress! I successfully connected, but then about 5 seconds later it said "Connection to Lrei has been lost. Would you like to reconnect?" I clicked Yes and then Wireless Assistant crashed....
  23. Thread: Can't connect to WLAN

    by oib111
    Replies
    19
    Views
    2,936

    Well my WiFi Adapter is built-in (using my EEE PC), and I don't think it's broken because it works fine on XP Home.
  24. Replies
    9
    Views
    4,631

    Metasploit doesn't have everything. Try going to milw0rm.com
  25. Thread: Can't connect to WLAN

    by oib111
    Replies
    19
    Views
    2,936

    Manually configuring it worked, thanks

    EDIT:

    Nvm, it's not working. I can connect to my network, but I don't have internet access
Results 1 to 25 of 37