Thread: Good program to experiment with buffer overflow?

  1. #1
    Junior Member
    Join Date
    May 2009
    Posts
    42

    Default Good program to experiment with buffer overflow?

    Hi there,
    Does anyone know where I can download httpdx 0.7 or earlier? Or, if not, a good program to experiment with buffer overflows? I want to write PoC code (probably in Python) with the ultimate result being a bind shell opening on the victim machine. Something Windows-based, obviously.
    I have a rather dated tut for an FTP server but the version used is no longer available. I just want to write an exploit to ensure that I understand the concept. I have no previous experience of this but I think I'm getting my head around it slowly. I have 2 machines I can use as "attacker" and "victim", OllyDbg set up on the victim (Windows XP SP3) and BackTrack on the attacker. The newer version of the server used in the video tut has obviously been modified to prevent exploiting it via the method shown (the process can't be attached to OllyDbg, and feeding in a buffer as shown gets acknowledged but doesn't cause a crash).
    Any advice would be great.
    thx

  2. #2
    Member kazalku's Avatar
    Join Date
    Feb 2009
    Posts
    416

    Default

    When I had a similar issue, I formatted my Windows XP SP3 box & reinstalled XP WITHOUT the service pack. So, it became unpatched and now, even with the autopwn, I can get 6 sessions.
    If you can't explain it simply, you don't understand it well enough -- Albert Einstein

  3. #3
    Junior Member
    Join Date
    Dec 2007
    Posts
    76

    Default

    This might be just what you're after:

    Download old vulnerable softwares version

    This site hosts tonnes of old, vulnerable software for your hacking needs.
    I'm trying to get into this as well, but learning how to port exploits to metasploit by myself.

  4. #4
    Junior Member
    Join Date
    May 2009
    Posts
    42

    Default

    Thanks, that looks like exactly what I wanted. I'll get on with it soon.
    thx very much

  5. #5
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Quote Originally Posted by ecsployt View Post
    This might be just what you're after:

    Download old vulnerable softwares version

    This site hosts tonnes of old, vulnerable software for your hacking needs.
    I'm trying to get into this as well, but learning how to port exploits to metasploit by myself.
    Cool link - thanks for posting!
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.
