Format string exploitation: how can I retrieve the saved instruction pointer?

I have a problem with my exploit (I'm doing it as an exercise). The string to pass to my vulnerable program is ready except for the target address where I want to write; of course, it is the current saved $eip.

How can I retrieve it? The answer seems to be easy: by debugging, of course, stopping the execution and seeing the address by printing the stack. OK, let's assume now that I have retrieved it; the problem is that I launch an executable not compiled with the -g option, so there is no way to set breakpoints... so how can I do that?

Note that the two stacks (the one of the file compiled with -g and the one without it) are different!! Different stack, so different $eip address (and also value).

For future readers: I finally made it! I just wrote a script to cycle over all possible addresses (in a restricted range to cut down the time effort) and I found it ;) Tunarock 1, ASLR 0 – Tunarock
