LINUX EXPLOIT : STACK OVERFLOW

This time we will discuss exploitation on Linux. Before we try it, we first turn off ASLR.
ASLR (address space layout randomization) is a computer security method that randomizes the positions of key data areas in memory.

Next, type the commands below:

#cat /proc/sys/kernel/randomize_va_space
#echo 0 > /proc/sys/kernel/randomize_va_space
#cat /proc/sys/kernel/randomize_va_space


Vulnerable application


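#include <stdio.h>
#include <string.h>

int main(int argc, char **argv)
{
    char buffer[500];           /* fixed-size buffer on the stack */

    if (argc < 2)               /* no argument given: nothing to copy */
        return 1;
    strcpy(buffer, argv[1]);    // Vulnerable function: no length check
    return 0;
}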


Next, type:

#gcc -ggdb -o vulnerable_1 Vulnerable_1.c
#gdb vulnerable_1




#run $(python -c 'print "\x41" * 600')



Send the buffer to overwrite EIP, then check the register:

#info register eip





#List (search for the ESP address)




#./sc_generator
Copy to fuzzer and run
