I'm taking the eCPPTv2 exam, and I successfully developed the exploit for the buffer overflow section: I found the offset, bad chars and the return address. I debugged with Immunity Debugger and it's all good, the return pointer is OK and no ASLR is active at that address, BUT when I debug it, as soon as I hit the start of my payload I get

Access violation when executing [ESP Address]

Initially I thought it was normal, because I am running Immunity on a Windows 11 machine, but when I try to execute the program on the Kali machine to attack the target, I don't receive the connection back to my handler.

I tried to change the NOP and change the return address, but nothing worked.

Can you help me?

1 Answer

Try temporarily turning off Data Execution Prevention in Windows:

  1. "Tap the Windows key or Start button".

  2. "Type Windows Security and select the Windows Security app that appears at the top of the search results."

  3. "Select App & browser control and then Exploit protection."

"You'll find Data Execution Prevention on the System settings tab."

  • Thank you! I did it and the debugger worked fine, the exploit completed! Now the question is, why is it not working on the target machine? I am attacking using proxychains; maybe there is something that I did not do after autorouting? Commented Aug 9, 2024 at 15:22
  • @niccolòorlandi Sorry, I'm not familiar with these tools (proxychains, Kali, Immunity). Please ask a follow-up question or update this question (noting that it now works on Windows). Please add more details about how you're connecting to the target machine. Commented Aug 9, 2024 at 17:32
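
A way to confirm from PowerShell that the temporary Data Execution Prevention change described in the answer above has been reverted on the debugging machine. This is an added example, not part of the original answer or comments; the function name `Get-DepReport`, its `-AppName` parameter and the image name `vulnapp.exe` are made up for illustration.

```powershell
# Added example: report the DEP state so a temporary change can be checked
# before and after a debugging session. Get-DepReport and -AppName are
# hypothetical names introduced for this example.
function Get-DepReport {
    param([string]$AppName)   # optional image name of the program being debugged

    # Boot-level DEP policy as Windows reports it through WMI.
    $policyNames = @{ 0 = 'AlwaysOff'; 1 = 'AlwaysOn'; 2 = 'OptIn'; 3 = 'OptOut' }
    $os     = Get-CimInstance -ClassName Win32_OperatingSystem
    $policy = [int]$os.DataExecutionPrevention_SupportPolicy

    # System-wide Exploit protection setting, the one shown on the
    # "System settings" tab in Windows Security (ON, OFF or NOTSET = default).
    $systemDep = (Get-ProcessMitigation -System).Dep.Enable

    # Per-application override, if one is configured for the named image.
    $appDep = $null
    if ($AppName) {
        $app = Get-ProcessMitigation -Name $AppName
        if ($app) { $appDep = $app.Dep.Enable }
    }

    [pscustomobject]@{
        HardwareDepAvailable = $os.DataExecutionPrevention_Available
        BootPolicy           = $policyNames[$policy]
        ExploitProtectionDep = "$systemDep"
        AppOverride          = if ($null -ne $appDep) { "$appDep" } else { 'none configured' }
        # True when any layer has DEP switched off and still needs restoring.
        DepWeakened          = ($policy -eq 0) -or ("$systemDep" -eq 'OFF') -or ("$appDep" -eq 'OFF')
    }
}

# 'vulnapp.exe' is a placeholder image name.
Get-DepReport -AppName 'vulnapp.exe' | Format-List
```

`DepWeakened` should read `False` once the setting has been put back after the debugging session.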
