Sunday, 19 February 2012

Buffer overflow, direct return: VUPlayer

To build the exploit, the process is as follows:

EIP - DEAD BEEF - JMP ESP - payload

To break the music player, a crafted playlist file can be used, in the form of .ram, .m3u, .pls and others. Here I will try to create an .m3u file (with Perl) and a .pls file (with Python). The example is a buffer overflow in the VUPlayer application.

1. Create a fuzzer, almost the same as the one for rmmp3, but here I try a smaller one. The fuzzer is shown below:

2. Run VUPlayer under OllyDbg and open the fuzzer file in the application. The AAAAAAAAA bytes appear in memory and EIP is overwritten with 4141 (the 'A' characters).

3. To replace the run of A's with a unique pattern, generate it with: ./pattern_create.rb 1020 > string__pattern.txt

4. Put the generated pattern into the fuzzer in place of the A's, so that it is written into the file instead.

5. Run VUPlayer under OllyDbg again and open the fuzzer file in the application. Where there used to be aaaaaaaaaaaaa and 4141, the values now change, which makes it easier to find the offset.

6. To find out that the EIP register is at offset 1004 and the stack (ESP) at offset 1008, type:
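How steps 3 to 6 arrive at the offset, as an added example in Python (this is not the post's own fuzzer and not Metasploit's code): it re-implements the cyclic "Aa0Aa1..." pattern that pattern_create.rb produces and the reverse lookup that pattern_offset.rb performs, and shows why the register value read from the debugger must be byte-reversed before the lookup. The same lookup is useful when triaging any fuzzer crash. The value 35684234 used in the demo is constructed: it is what a 1020-byte pattern would leave in EIP at offset 1004; the post does not show the real value.

```python
# Added example: cyclic-pattern offset finding (the idea behind
# pattern_create.rb / pattern_offset.rb). Not code from the original post.
from itertools import product
import string


def pattern_create(length: int) -> str:
    """Build the non-repeating 'Aa0Aa1Aa2...' pattern of the requested length.

    Each 3-byte group is an (uppercase, lowercase, digit) triple; every 4-byte
    window is unique within the first 26*26*10*3 = 20280 bytes.
    """
    groups = []
    for upper, lower, digit in product(string.ascii_uppercase,
                                       string.ascii_lowercase,
                                       string.digits):
        groups.append(upper + lower + digit)
        if len(groups) * 3 >= length:
            break
    return "".join(groups)[:length]


def pattern_offset(needle: str, length: int = 20280) -> int:
    """Return the offset of a 4-byte substring in the pattern, or -1 if absent."""
    return pattern_create(length).find(needle)


def offset_from_eip(eip_hex: str, length: int = 20280) -> int:
    """Map the EIP value shown by the debugger (e.g. '35684234') to an offset.

    x86 is little-endian, so the register value is the reverse of the byte
    order in the file; undo that, then look the 4 ASCII bytes up in the pattern.
    Returns -1 when the register did not come from the pattern at all.
    """
    raw = bytes.fromhex(eip_hex)[::-1]
    try:
        needle = raw.decode("ascii")
    except UnicodeDecodeError:
        return -1
    return pattern_offset(needle, length)


def simulate_crash(length: int, overwrite_at: int) -> str:
    """Constructed stand-in for the debugger: return the hex EIP value that a
    pattern of `length` bytes would leave if the saved return address sits at
    `overwrite_at` bytes into the buffer."""
    p = pattern_create(length)
    dword = p[overwrite_at:overwrite_at + 4].encode("ascii")
    return dword[::-1].hex()          # little-endian register value as hex


if __name__ == "__main__":
    eip = simulate_crash(1020, 1004)  # constructed value, see lead-in
    print("EIP as shown in debugger:", eip)
    print("offset of EIP in buffer :", offset_from_eip(eip))
    print("plain 'AAAA' in pattern? :", offset_from_eip("41414141"))
```

The `-1` branch matters in practice: when the crash value is not in the pattern (for example 41414141 from a plain run of A's, or a pointer from the application itself), the overwrite is either not from the input or not a direct return-address overwrite, and a different technique is needed.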

7. Create the fuzzer again, using the EIP offset found before, 1004.

8. Run VUPlayer under OllyDbg and open the fuzzer file in the application. EIP now turns into DEADBEEF.

9. Create a fuzzer that fills the memory after the return address with CCCCCCCCCCCCC.

10. The result will be:

11. I tried to exploit it with a telnet payload; the application can be crashed, but I cannot telnet in.

13. Then I tried running the fuzzer with a calculator exploit payload, as shown below:
