
Thread: Writing Buffer Overflow Exploits using BackTrack

  1. #31
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: Writing Buffer Overflow Exploits using BackTrack

    Quote Originally Posted by nanoSpl0it View Post
    Thanks for the great tutorial! I have been teaching myself local/remote exploit with online tutorials like yours and reading a couple books. I read through the first one, looks good. I will actually try it soon and go through the rest of them.

    Of course I will be cautious of malware/trojan and the likes.
    You're welcome. By the way, the current version of the BigAnt installer linked from my blog is now Trojan free - just in case you were wondering
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  2. #32
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default Re: Writing Buffer Overflow Exploits using BackTrack

    Quote Originally Posted by lupin View Post
    By the way, the current version of the BigAnt installer linked from my blog is now Trojan free - just in case you were wondering
    But will you trust to that.....
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  3. #33
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: Writing Buffer Overflow Exploits using BackTrack

    Quote Originally Posted by Gitsnik View Post
    But will you trust to that.....
    Blast, there goes my plan to lull people into a false sense of security so I can Trojan their machines and build my own giant Zombie Army!!!!

    OK, let me rephrase, the current version of the BigAnt installer linked from my blog WAS Trojan free the last time I checked it, which was a few months ago. However, I'd recommend that even if you do trust me on that (and why wouldn't you - I'm a really trustworthy kind of guy), you should still take all the normal precautions you take when downloading a program from the Internet.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  4. #34
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Default Re: Writing Buffer Overflow Exploits using BackTrack

    Lupin, could you please copy these in some .pdf files? I really want them, they're a masterpiece.
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

  5. #35
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: Writing Buffer Overflow Exploits using BackTrack

    Quote Originally Posted by sickness View Post
    Lupin, could you please copy these in some .pdf files? I really want them, they're a masterpiece.
    Thanks for that sickness. I don't actually have copies of these suitable for copying to PDF, the text, pictures and embedded URLs are all separate in the originals, and the text is unformatted. I only put them all together when I actually did the blog post.

    The existing format of the posts is probably a little less than ideal, I still haven't got the blog layout looking quite right yet, even after two major changes. I'm open to suggestions on improving the layout if anyone has them (send me a PM rather than posting to this thread).
    Last edited by lupin; 06-30-2010 at 10:40 AM.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  6. #36
    Junior Member skidmarq's Avatar
    Join Date
    Jan 2010
    Posts
    88

    Default Re: Writing Buffer Overflow Exploits using BackTrack

    I just wanted to say that your SEH tutorial is a masterpiece...thanks for taking the time to write that.
    I got 99 problems but the bits ain't one...

  7. #37
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    11

    Default Re: Writing Buffer Overflow Exploits using BackTrack

    A treasure trove of tutorials and a wealth of information. Thanks for sharing the intricacies of a part of your brain. :P

  8. #38
    Just burned his ISO
    Join Date
    Oct 2010
    Posts
    4

    Default Re: Writing Buffer Overflow Exploits using BackTrack

    Lupin, thanks a lot!!!
    It was my first one, and I managed it under SP XP3!
    It was a great great training for me!
    I lost myself in the offsets explanation, but since I understood the meaning... I did by myself!!
    THANKS A LOT!!!

  9. #39
    Senior Member LHYX1's Avatar
    Join Date
    Sep 2010
    Location
    Belgium
    Posts
    127

    Default Re: Writing Buffer Overflow Exploits using BackTrack

    First of all thanx a lot Lupin for these great tutorials.
    I successfully completed the first 2 but I'm having a problem with the third and I would appreciate it if someone would take a look at my problem
    I can't get the application to crash. The script gives no errors and just exits.
    In the tutorial it was mentioned that the network layer could be the cause of this. And to make sure you had to confirm that you don't receive RST packets from the victim machine while sending the malicious http request.
    So I captured it with wireshark and it seems I am getting a few RST packets.
    Here is a screenshot: http://home.base.be/%72%68%69%6E%63%...screenshot.jpg

    victim ip = 192.168.1.11
    attacker ip = 192.168.1.4

    I don't know what to do from this point on. So any help is welcome

  10. #40
    Very good friend of the forum hhmatt's Avatar
    Join Date
    Jan 2010
    Posts
    660

    Default Re: Writing Buffer Overflow Exploits using BackTrack

    Quote Originally Posted by LHYX1 View Post
    First of all thanx a lot Lupin for these great tutorials.
    I successfully completed the first 2 but I'm having a problem with the third and I would appreciate it if someone would take a look at my problem
    I can't get the application to crash. The script gives no errors and just exits.
    In the tutorial it was mentioned that the network layer could be the cause of this. And to make sure you had to confirm that you don't receive RST packets from the victim machine while sending the malicious http request.
    So I captured it with wireshark and it seems I am getting a few RST packets.
    Here is a screenshot: http://home.base.be/%72%68%69%6E%63%...screenshot.jpg

    victim ip = 192.168.1.11
    attacker ip = 192.168.1.4

    I don't know what to do from this point on. So any help is welcome
    What OS and Service pack are you using? You may want to try increasing or decreasing the buffer length.

    This issue was also addressed in the comments at the bottom of the tutorial.
