An exploit is a piece of software, a chunk of data, or sequence of commands that takes advantage of a bug, glitch, or vulnerability in order to cause unintended or unanticipated behavior to occur. This frequently includes such things as gaining control of a computer system, allowing privilege escalation, or a denial of service attack.
Questions tagged [exploit]
790 questions
-3
votes
2 answers
WHY does this shellcode program issue segmentation fault warning?
The code of the c program is shown below, and what it is supposed to do is running the opcode in a char array, which in turn would spawn a shell.
/* call_shellcode.c */
/*A program that creates a file containing code for launching shell*/
#include…
glenjoker
- 91
- 7
-3
votes
1 answer
How to use buffer overflow exploit
I try to learn the buffer overflow exploit .
i have this code :
#include
int read_req(FILE *p) {
char buf[16];
int i;
fgets(buf, 1024, p);
i = atoi(buf);
return i;
}
int main()…
saidmohamed11
- 275
- 5
- 15
-3
votes
1 answer
What does "ModLoad" does in python code?
I am trying to utilize an exploit code available online using python compiler 2.7.10. However I have no clue, what does the 'modload' command does, following is the code:
import socket, sys
print "\n"
print…
Muhammad Suleman
- 727
- 4
- 13
- 24
-3
votes
1 answer
What is a Kernel Space Shellcode? and How can we debug it?
Im a beginner in Linux and exploitation things.. and I'm trying to figure out what is a kernel space shellcode and how can we debug it .. Thanks in advance =)
Rebecca
- 31
- 1
- 1
- 3
-3
votes
1 answer
XSS - No escaping, but not rendering
I have a site where a page http://www.example.com/errorpage.html?errmsg="Some error string"
This error string is then rendered into the webpage in a
Some error string
fashion server side, then the HTML is sent to the…
Mitchell
- 929
- 2
- 11
- 34
-4
votes
1 answer
Why too much data fails to overwrite instruction pointer?
Recently i was trying buffer overflow on a simple c code that has been shown in opensecuritytraining's exploit class 1. Here is the code
#include
char *secret ="hello";
void go_shell()
{
printf("This is go_shell\n");
}
int…
Anurag Kashyap
- 11
- 4
-4
votes
1 answer
Segmentation faults in stack-based buffer overflow
I was doing the SEED lab on buffer overflows which has the following vulnerable code:
/* stack.c */
/* This program has a buffer overflow vulnerability. */
/* Our task is to exploit this vulnerability */
#include
#include…
nanoman
- 341
- 4
- 11
-4
votes
3 answers
Format string vulnerability and input strings
Assume I have the following program:
#include
#include
#include
int main (int argc, char **argv)
{
char buf [100];
snprintf ( buf, sizeof buf, argv [1] ) ;
buf [ sizeof buf -1 ] = 0;
printf ( "%s…
badnack
- 737
- 1
- 11
- 20
-6
votes
2 answers
What is this kind of shell code in c or c++?
i have this code
#include
#include
#include
char shellcode[]=
"\x31\xc0" /* xorl %eax,%eax */
"\x50" /* pushl %eax */
…
user3620354
- 17
- 3
-7
votes
1 answer
Is this preg_replace exploitable?
I'm looking to exploit this preg_replace call:
$str = preg_replace($pattern, '__', $str);
I can control both $str and $pattern variables, but I'm not sure this is enough to inject
arbitrary PHP code. Some idea? :)
user2041321
- 1
- 2