Questions tagged [exploit]

An exploit is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug, glitch, or vulnerability in order to cause unintended or unanticipated behaviour. This frequently includes gaining control of a computer system, escalating privileges, or causing a denial of service.

790 questions
4 votes, 1 answer

How to run shellcode in Python 3?

I'm trying to run shellcode in Python, and have the following working Python 2 code, but I need it to be converted to Python 3. I fixed all the syntax errors (just the missing encoding for bytearray) and it just gives me access violation writing…

CodeX
4 votes, 2 answers

Buffer Overflow Attack doesn't work on Ubuntu 20.04

I'm trying to do a buffer overflow attack on a simple C program that takes a buffer and prints it. I've tried many combinations but at the end, when I try to execute my shellcode, I always get Segmentation Fault. I've mainly followed this tutorial:…

Giorgia
4 votes, 3 answers

Exploits in Python - manipulating hex strings

I'm quite new to Python and trying to port a simple exploit I've written for a stack overflow (just a NOP sled, shellcode and return address). This isn't for nefarious purposes but rather for a security lecture at a university. Given a hex string…

Mike B.
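The three parts the question lists (hex string in, NOP sled, shellcode, little-endian return address out) are the whole job of such a script. Below is an added example in C, not code from the question or its answers, doing the same thing: decode a hex string into bytes, then lay out sled, shellcode and the repeated return address. The shellcode bytes (two `int3`, `0xcc`) and the address `0xbffff5e0` are constructed stand-ins, not values from the original post.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Value of one hex digit, or -1 if c is not a hex digit. */
static int nibble(char c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Decode "9090cc" into {0x90, 0x90, 0xcc}. Returns the byte count, or -1 on
 * odd length, a non-hex character, or insufficient room in out. */
static int hex_decode(const char *hex, unsigned char *out, size_t outsz) {
    size_t len = strlen(hex);
    if (len % 2 != 0 || len / 2 > outsz) return -1;
    for (size_t i = 0; i < len; i += 2) {
        int hi = nibble(hex[i]), lo = nibble(hex[i + 1]);
        if (hi < 0 || lo < 0) return -1;
        out[i / 2] = (unsigned char)((hi << 4) | lo);
    }
    return (int)(len / 2);
}

/* Emit a 32-bit address in little-endian byte order, as x86 expects it:
 * 0xbffff5e0 becomes e0 f5 ff bf. */
static void put_le32(unsigned char *p, uint32_t v) {
    p[0] = (unsigned char)(v & 0xff);
    p[1] = (unsigned char)((v >> 8) & 0xff);
    p[2] = (unsigned char)((v >> 16) & 0xff);
    p[3] = (unsigned char)((v >> 24) & 0xff);
}

/* Lay out: [nop sled][shellcode][return address x ret_copies].
 * Returns the payload length, or -1 if it does not fit in out. */
static int build_payload(size_t nop_len, const unsigned char *sc, size_t sc_len,
                         uint32_t ret_addr, size_t ret_copies,
                         unsigned char *out, size_t outsz) {
    size_t total = nop_len + sc_len + 4 * ret_copies;
    if (total > outsz) return -1;
    memset(out, 0x90, nop_len);                 /* 0x90 = x86 NOP */
    memcpy(out + nop_len, sc, sc_len);
    for (size_t i = 0; i < ret_copies; i++)
        put_le32(out + nop_len + sc_len + 4 * i, ret_addr);
    return (int)total;
}

int main(void) {
    /* Constructed stand-in for shellcode: two int3 (0xcc) breakpoints. */
    const char *shellcode_hex = "cccc";
    unsigned char sc[64], payload[256];
    int sc_len = hex_decode(shellcode_hex, sc, sizeof sc);
    if (sc_len < 0) { fputs("bad hex\n", stderr); return 1; }
    /* 0xbffff5e0 is an assumed, tutorial-style 32-bit stack address. */
    int n = build_payload(16, sc, (size_t)sc_len, 0xbffff5e0u, 4, payload, sizeof payload);
    if (n < 0) { fputs("payload too large\n", stderr); return 1; }
    /* Raw bytes on stdout so they can be fed to a target, e.g. ./vuln "$(./payload)". */
    fwrite(payload, 1, (size_t)n, stdout);
    return 0;
}
```

Two things to keep in mind when porting this kind of script between languages: the address must be written in the target's byte order (little-endian on x86), and a payload passed through `$(...)` or argv cannot contain NUL bytes, so an address or shellcode containing `0x00` has to be delivered another way.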
4 votes, 4 answers

Safe Use of strcpy

Plain old strcpy is prohibited in its use in our company's coding standard because of its potential for buffer overflows. I was looking at the source for some third-party library that we link against in our code. The library source code has a use of…

9Breaker
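Whether a given strcpy is safe comes down to one question: has the caller proved, before the call, that the source including its terminator fits in the destination? The added example below (written for this page, not taken from the question or the library it mentions) makes that proof explicit in a checked wrapper, and contrasts it with a truncating copy that, unlike bare strncpy, always leaves the destination NUL-terminated. The buffer size and inputs are constructed.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* strcpy is safe only when the caller has proved that src, including its NUL,
 * fits in dst. This wrapper makes that proof explicit: it refuses (and empties
 * dst) instead of overflowing, and it never reads src beyond dstsz bytes. */
static bool checked_strcpy(char *dst, size_t dstsz, const char *src) {
    if (dstsz == 0) return false;
    const char *nul = memchr(src, '\0', dstsz);   /* bounded scan: no over-read of src */
    if (nul == NULL) {                            /* no terminator within dstsz: would not fit */
        dst[0] = '\0';
        return false;
    }
    memcpy(dst, src, (size_t)(nul - src) + 1);    /* fits, NUL included */
    return true;
}

/* The alternative policy: copy what fits and always NUL-terminate. Unlike a
 * bare strncpy, dst is terminated even when src is too long. Returns true if
 * the result was truncated so the caller can decide whether that matters. */
static bool copy_truncating(char *dst, size_t dstsz, const char *src) {
    if (dstsz == 0) return true;
    size_t n = 0;
    while (n < dstsz - 1 && src[n] != '\0') { dst[n] = src[n]; n++; }
    dst[n] = '\0';
    return src[n] != '\0';
}

int main(void) {
    char name[16];
    /* Constructed inputs: one that fits, one that does not. */
    const char *inputs[] = { "alice", "a-name-that-is-far-too-long-for-16-bytes" };
    for (size_t i = 0; i < 2; i++) {
        bool ok = checked_strcpy(name, sizeof name, inputs[i]);
        printf("checked_strcpy(\"%s\") -> %s \"%s\"\n", inputs[i], ok ? "ok" : "rejected", name);
        bool trunc = copy_truncating(name, sizeof name, inputs[i]);
        printf("copy_truncating -> %s \"%s\"\n", trunc ? "truncated" : "whole", name);
    }
    return 0;
}
```

When reviewing a third-party strcpy, look for exactly the check `checked_strcpy` performs somewhere before the call (a `strlen` compared against the destination size, or a destination sized from the source length). If it is absent, the call is only as safe as the most hostile caller of that function.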
4 votes, 1 answer

Using a separate register to store return address?

I'm reading about how exploits work, and it seems like a lot of them operate by overwriting the return address on the stack. There's been a lot of effort put into making this more difficult (stack canaries, ASLR, DEP, etc), but it seems to me that…
4 votes, 1 answer

Register window in blank on Immunity Debugger

Every time I send a buffer 1000 bytes long to the freefloat FTP server in the MKD command, it crashes. I am trying to develop an exploit for it so I attached Immunity Debugger to the freefloat FTP server process but when I send the buffer…

John DC
4 votes, 1 answer

GDB: Change string in memory on stack

I'm attempting to make my way through a Capture-the-Flag live VM, and getting stuck when trying to use gdb to alter a value passed on the stack (last item to be pushed): system("date"); To system("ash"); So far, my gdb efforts have been as…

swisscheese
4 votes, 2 answers

Exploiting vulnerabilities in PHP's fopen

I am taking a cyber security class and for an assignment we have to exploit a specific PHP file and gain some sort of access to the server that it is hosted on. I can set my own $email and $password variables as they are set with $_POST. I believe…

user3267256
4 votes, 0 answers

Android - Implementing a means to get 'real' time in offline apps

Background: The company I work for is creating an app that collects information from various device events and sensor data. One of the things we would like to be able to do is use time to process the data when it gets to the server. We would also…

Saik Caskey
4 votes, 1 answer

I'm trying to exploit a buffer overflow, am I doing something wrong?

I'm trying to execute a buffer overflow exploit using this tutorial. Everything in my post will be executed directly inside GDB. https://www.reddit.com/r/hacking/comments/1wy610/exploit_tutorial_buffer_overflow/ and this is the code on which I would…

S7_0
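Both this question and "Buffer Overflow Attack doesn't work on Ubuntu 20.04" above describe the same symptom: a tutorial-style stack overflow that ends in a segmentation fault instead of a shell. On a current distribution that is the expected outcome, because the toolchain and kernel defaults (non-executable stack, PIE, ASLR, stack canaries) were all added after those tutorials were written. The program below is an added example, not code from either question, that reports the first three of those from inside the process so you can confirm which one is stopping you before changing anything. It reads Linux `/proc` files and assumes a native-endian ELF; each check returns -1 if it cannot be performed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* ELF constants, spelled out so no <elf.h> is needed. */
#define ELF_MAGIC   "\x7f" "ELF"
#define EI_NIDENT_  16
#define ET_EXEC_    2
#define ET_DYN_     3

/* 1 if the [stack] mapping is executable, 0 if not, -1 if /proc/self/maps
 * cannot be read. With a non-executable stack, returning into shellcode that
 * lives in the overflowed buffer faults immediately (SIGSEGV). */
static int stack_executable(void) {
    FILE *f = fopen("/proc/self/maps", "r");
    if (!f) return -1;
    char line[512], perms[8] = {0};
    int result = -1;
    while (fgets(line, sizeof line, f)) {
        if (strstr(line, "[stack]") && sscanf(line, "%*s %7s", perms) == 1) {
            result = (perms[2] == 'x');   /* perms look like "rw-p" or "rwxp" */
            break;
        }
    }
    fclose(f);
    return result;
}

/* 1 if this program is a PIE (ET_DYN, loaded at a random base), 0 for a fixed
 * address executable (ET_EXEC), -1 on error. Addresses copied from a no-PIE
 * tutorial are off by the load offset in a PIE. */
static int is_pie(void) {
    FILE *f = fopen("/proc/self/exe", "rb");
    if (!f) return -1;
    unsigned char ident[EI_NIDENT_];
    uint16_t type;   /* e_type follows e_ident in both ELF32 and ELF64 headers */
    int result = -1;
    if (fread(ident, 1, sizeof ident, f) == sizeof ident &&
        memcmp(ident, ELF_MAGIC, 4) == 0 &&
        fread(&type, sizeof type, 1, f) == 1)     /* host byte order assumed */
        result = (type == ET_DYN_) ? 1 : (type == ET_EXEC_) ? 0 : -1;
    fclose(f);
    return result;
}

/* kernel.randomize_va_space: 0 = off, 1 = stack/mmap/vdso randomised,
 * 2 = brk as well. -1 if the sysctl cannot be read. */
static int aslr_level(void) {
    FILE *f = fopen("/proc/sys/kernel/randomize_va_space", "r");
    if (!f) return -1;
    int v = -1;
    if (fscanf(f, "%d", &v) != 1) v = -1;
    fclose(f);
    return v;
}

int main(void) {
    printf("stack executable : %d\n", stack_executable());
    printf("PIE              : %d\n", is_pie());
    printf("ASLR level       : %d\n", aslr_level());
    puts("Stack canaries are not visible from here; with -fstack-protector a smash ends in\n"
         "\"*** stack smashing detected ***\" rather than a plain segmentation fault.\n"
         "To reproduce the tutorial environment: gcc -m32 -fno-stack-protector -z execstack -no-pie vuln.c\n"
         "and sysctl -w kernel.randomize_va_space=0.");
    return 0;
}
```

Compile the target with the same flags you compile this check with and read the report: a `0` for the executable stack explains a segfault the moment execution returns into the buffer, a `1` for PIE means any absolute address taken from GDB in one run is meaningless in the next, and ASLR level 2 does the same for the stack even in a non-PIE binary. A crash message mentioning stack smashing rather than a segfault points at the canary instead.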
4 votes, 1 answer

Off-by-one buffer overflow NULL byte in payload

So I was trying an off-by-one buffer overflow with the help of this following simple code #include void cpy(char *x){ char buf[128]=""; strncat(buf,x,sizeof(buf)); } int main(int argc, char **argv) { cpy(argv[1]); } As this diagram…

Dhayalan Pro
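The off-by-one in the question's `cpy()` is in the third argument: strncat's count limits the characters it appends, and it then writes a terminating NUL after them, so `strncat(buf, x, sizeof(buf))` can write `buf[128]`, one byte past a 128-byte array. The added example below (constructed for this page, not the asker's code) places a guard byte directly after a 128-byte buffer so that single write is observable without undefined behaviour, and shows the corrected bound `sizeof(buf) - strlen(buf) - 1`.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 128
#define GUARD    0xAA

/* Runs the question's cpy() against a 128-byte buffer that is followed by one
 * guard byte, so a write one past the end is observable rather than undefined.
 * use_sizeof_bound selects the buggy strncat(buf, x, sizeof buf) or the
 * corrected strncat(buf, x, sizeof buf - strlen(buf) - 1).
 * Returns the guard byte afterwards: GUARD if intact, 0 if strncat's NUL landed there. */
static unsigned char guard_after_cpy(const char *x, int use_sizeof_bound) {
    unsigned char backing[BUF_SIZE + 1];
    memset(backing, GUARD, sizeof backing);
    char *buf = (char *)backing;          /* buf[0..127] plays the role of char buf[128] */
    buf[0] = '\0';
    size_t n = use_sizeof_bound ? BUF_SIZE                       /* bug */
                                : BUF_SIZE - strlen(buf) - 1;    /* fix */
    /* strncat appends at most n characters and then always writes a NUL, so
     * n = sizeof buf can place that NUL at buf[128]. */
    strncat(buf, x, n);
    return backing[BUF_SIZE];
}

int main(void) {
    char x[200];                          /* constructed input, longer than the buffer */
    memset(x, 'A', sizeof x - 1);
    x[sizeof x - 1] = '\0';
    printf("sizeof bound : guard = 0x%02x\n", guard_after_cpy(x, 1));
    printf("correct bound: guard = 0x%02x\n", guard_after_cpy(x, 0));
    return 0;
}
```

The guard byte reads back as `0x00` with the question's bound and `0xAA` with the corrected one. In the real function there is no guard; the byte after `buf` is whatever the compiler placed there, and on a classic 32-bit frame with no canary that is the low byte of the saved frame pointer, which is what makes a single NUL write exploitable.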
4 votes, 1 answer

Finding the start of the stack for a buffer overflow

According to the book, Gray Hat Hacking, "all Linux ELF files are mapped into memory with the last relative address as 0xbfffffff". By subtracting 4 NULL bytes, the length of the filename and the length of the shellcode from this address, it should…
4 votes, 1 answer

nodejs - blocking PHP script exploit attempts

I have a lot of requests for PHP exploit files and would like to 'handle' them. GET //phpMyAdmin/scripts/setup.php 200 42.452 ms - 3703 GET //phpmyadmin/scripts/setup.php 200 43.431 ms - 3703 GET //pma/scripts/setup.php 200 47.159 ms - 3703 GET…

crankshaft
4 votes, 2 answers

C: Reading more bytes than format string with format string injection

In the paper Exploiting Format String Vulnerabilities the authors give the following code sample where input is some unfiltered user input. char outbuf[512]; char buffer[512]; sprintf (buffer, "ERR Wrong command: %400s", input); sprintf (outbuf,…

user4099632
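The point of the paper's two-step snippet is that the first sprintf copies the input as data, but the second uses the result as the format string, so any `%` directives the user placed in the input are interpreted, and a width such as `%497d` stretches five input bytes into 497 output bytes, past the end of a 512-byte outbuf. The added example below reproduces the pattern with snprintf (this is constructed for this page, not the paper's code) so nothing is actually overwritten; the return value shows how many bytes sprintf would have written. One deliberate difference: it uses `%.400s`, a precision that really caps the copy at 400 characters, where the paper's `%400s` is a minimum field width. The dummy `0` argument on the vulnerable call is an assumption made so the `%d` has a well-defined value to consume; the real bug reads whatever is on the stack.

```c
#include <stdio.h>
#include <string.h>

#define PREFIX "ERR Wrong command: "   /* 19 characters */

/* Reproduces the paper's pattern. Returns the number of characters the second
 * formatting step wanted to write (snprintf's return value), i.e. what sprintf
 * would have written into a 512-byte outbuf.
 * fixed == 0: the user-derived buffer is the format string (the bug).
 * fixed == 1: buffer is passed as data behind a literal "%s". */
static int build_reply(char *outbuf, size_t outsz, const char *input, int fixed) {
    char buffer[512];
    /* %.400s caps the input at 400 chars: 19 + 400 + NUL = 420 bytes, so this
     * step cannot overflow buffer. */
    snprintf(buffer, sizeof buffer, PREFIX "%.400s", input);
    if (fixed)
        return snprintf(outbuf, outsz, "%s", buffer);
    /* BUG: every %-directive the user placed in input is interpreted here.
     * The dummy 0 only gives a single %d something defined to consume. */
    return snprintf(outbuf, outsz, buffer, 0);
}

int main(void) {
    char out[512];
    /* Constructed probe: a width directive that stretches 5 input bytes into 497. */
    const char *probe = "%497d";
    int n = build_reply(out, sizeof out, probe, 0);
    printf("vulnerable: %d chars wanted for a 512-byte outbuf%s\n",
           n, n >= 512 ? " (overflow)" : "");
    n = build_reply(out, sizeof out, probe, 1);
    printf("fixed     : %d chars: \"%s\"\n", n, out);
    return 0;
}
```

Feeding `%497d` through the vulnerable path reports 516 characters for a 512-byte destination, which is the overflow the paper builds on; the fixed path reports 24 and reproduces the input literally. Compilers flag the original shape (`sprintf(outbuf, buffer)` with no arguments) under `-Wformat-security`, which some distributions turn into an error by default, so the fix is also the version that builds cleanly.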
4 votes, 0 answers

node.js runInNewContext with untrusted code

According to the node.js vm module docs: Note that running untrusted code is a tricky business requiring great care. To prevent accidental global variable leakage, vm.runInNewContext is quite useful, but safely running untrusted code requires…

Nathan MacInnes