All Questions
Tagged with buffer-overflow exploit
22 questions
1 vote · 1 answer · 204 views
ARM64 Stack Layout - Why 100x'A' Doesn't Crash?
I'm trying to exploit a buffer overflow vulnerability in an ARM64 program from this blog.
When I give as input 100*'A', and I compile the program for ARM 32 bit (without canaries), the program crashes ...
2 votes · 0 answers · 220 views
Overwriting the Global Offset Table + format string vulnerability
I am trying to understand how to overwrite the Global Offset Table, from the book "Hacking: The Art of Exploitation". Following the example I get:
objdump -R ./fmt ...
2 votes · 3 answers · 1k views
Bypassing ASLR without leak address
I have found a stack buffer overflow.
Currently, this is the situation:
NX/DEP disabled
ASLR enabled
Not a PIE
I am able to override the return address and jump to PLT sections.
My problem is that I ...
1 vote · 1 answer · 5k views
Buffer overflow: pwntools does not give me a shell, despite exploit working without pwntools
Recently, I've been trying to learn how to use the pwntools library. I am trying to exploit the following program using pwntools:
#include <stdio.h>
#include <stdlib.h>
int main(void) {
...
0 votes · 0 answers · 342 views
exploiting a binary using ret2libc
I ran into this binary at a CTF:
https://github.com/auehc/AUCTF-2020/tree/master/Pwn/House%20of%20Madness
I first tried to exploit it and get a shell using ret2libc technique, however I didn't ...
6 votes · 1 answer · 412 views
The buffer is too short to insert addresses when exploiting buffer overflow
Newbie here. Sorry for what you are about to read.
I'm currently working on exploiting a binary on Ubuntu 18.04. Here is some information about the binary:
Its checksec information using pwntools:
...
0 votes · 0 answers · 180 views
Cannot rewrite the rip even after disabling all the security features
I was trying to exploit a simple buffer overflow on a self created binary.
I have disabled all the security features by compiling with the flags
--fno-stack-protector -z execstack -no-pie.
my ...
1 vote · 0 answers · 241 views
Need help understanding basic buffer overflow
So I have this sample problem that I need to buffer overflow. It's an ELF file that is required to be run in a separate terminal; then, using "nc localhost 'port'" in another terminal, we can see the ...
1 vote · 1 answer · 1k views
Why always get the message "Illegal Instruction (core dumped)"?
I tried to exploit a buffer overflow. In the exploit code
I use the Aleph-One shellcode.
"\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b"
"\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\...
1 vote · 1 answer · 845 views
Buffer overflow on server
I have a server (for reference: pastebin.com/ghJX69uH) that I can netcat to and it will ask to input a message.
I know it is vulnerable to buffer overflow, but I can't seem to get the shellcode to ...
2 votes · 1 answer · 2k views
Basic Buffer Overflow Help
I am currently practicing for a CTF competition and one of the practice challenges is a buffer overflow exploit. Before this challenge I knew absolutely nothing about these exploits, but I've been ...
0 votes · 1 answer · 450 views
My nopsled getting Segmentation fault (core dumped)
After overwriting the EIP register, I try a breakpoint on the function strcpy() and then run the program up to that breakpoint in the debugger.
Then I check the ESP register:
(gdb) i r esp
esp ...
3 votes · 1 answer · 855 views
How should I approach a basic CTF exploitation challenge?
Complete newbie alert, so apologies for what you're about to read.
I've an executable I'm working with to achieve buffer overflow on. This is for an old CTF that has been and gone but I chose it to ...
4 votes · 1 answer · 1k views
How to find the stack and other info in a memory dump? ARM
I'm reversing a closed platform to try to gain execution using an exploit, a stack overflow. I've been told that (since there are no debuggers) the best way is to use RAM dumps (that I have) to try ...
1 vote · 2 answers · 517 views
Why can't I get the EIP to reflect my input
I am going through a tutorial which shows you how to exploit a stack based buffer overflow in a sample C program. The C code is:
#include <string.h>
void function(char *str) {
char buffer[...