4
votes
3 answers
197 views

Is writing shellcode still a valid skill to have/learn?

Following up from this question: Should I bother teaching buffer overflows any more? I am an IT sec researcher and also security course instructor. Recently questions have been raised about the ...
5
votes
1 answer
173 views

NX bit causes segfault on NOP slide?

Doing an assignment for university. We have to exec a shell on a remote server. We're told the NX bit is not set, however, when we redirect to our injected code, the server has a segmentation fault. ...
1
vote
1 answer
182 views

SafeSEH and x64

I read here that /SAFESEH is only valid when linking for x86 targets. /SAFESEH is not supported for platforms that already have the exception handlers noted. For example, on x64 and Itanium, ...
3
votes
1 answer
132 views

Stack canaries protection and ROP

As far as I know stack canaries are values written on the stack that, if overwritten by a buffer overflow, force the application to close at return. My question is: if I overwrite both EIP and stack ...
2
votes
1 answer
672 views

Stack smashing keep getting segmentation fault

I have a homework assignment to do stack smashing. The exploit code creates a badfile, which the vulnerable file reads, and a buffer overflow occurs. I have already done the 2 commands below to ...
3
votes
2 answers
216 views

Do I always have to overwrite EIP to get to write on the stack in a buffer overflow?

Do I always have to overwrite EIP to get to write on the stack in a buffer overflow? How's the memory organized? I can't find a proper graph with Google