Results 1 to 4 of 4

Thread: ecx overwritten +overflow

  1. #1

    ecx overwritten +overflow

    Hello all,
    I kindly ask if someone could explain me in a simple way which are the "right" steps to put the right address into ecx to land inside myjunk.
    This one is my "actual" situation:

    ecx offset is 15000
    myjunk = "A"*15000
    ecxaddress = ?? how can i check which readable address i need to put here?? i' m using immunity debugger

    I noticed that there is another thread below but it is not clear for me (i have the same problem)
    http://www.woodmann.com/forum/archive/index.php/t-13375.html
    sorry for the noob question!! hope that you can understand
    thanks a lot
    Luc

  2. #2
    well, first of all it might be an idea to give us an idea of what you are actually doing..

  3. #3
    yes sure, nothing special .. i'm playing with a small custom application and i found a buffer overflow so i'm trying to exploit it just for fun, below there is the stack record:
    the stack:

    eax 00000003
    ecx 42424242
    eip 0048AD90 appl.0048AD90

    Best regards
    Last edited by blowfrank; December 21st, 2010 at 11:15.

  4. #4
    ekse
    Guest
    This might not be exploitable since EIP was not overwritten. The debugger stopped because of an access violation, look what instruction the debugger stopped at to see if it is a read or write error. If it's a write error and you can control both the destination and the content this might be exploitable. Also you should try to pass the exception (Shift-F9) to see if the SEH chain is overwritten. You can also try with a shorter/longer buffer.

    Needless to say you will need a basic understanding of assembly to exploit this. If you are just starting with exploit writing you might want to try a simpler one where you directly overwrite EIP.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

Similar Threads

  1. Enthusiastic question about this stack overflow.
    By ptr0x in forum Advanced Reversing and Programming
    Replies: 1
    Last Post: March 17th, 2014, 01:21
  2. # self-overwritten REP STOS/MOVS, IDA-Pro 5.4 and Ko
    By nezumi-lab in forum Blogs Forum
    Replies: 1
    Last Post: February 9th, 2009, 14:50
  3. Integer overflow
    By OpenRCE_EliCZ in forum Blogs Forum
    Replies: 0
    Last Post: April 25th, 2008, 12:41
  4. Debugging a stack overflow - hardware breakpoints problem
    By Fireice in forum OllyDbg Support Forums
    Replies: 2
    Last Post: May 17th, 2005, 04:30
  5. About the buffer overflow bug
    By thomasantony in forum Bugs
    Replies: 7
    Last Post: April 16th, 2005, 05:34

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •