Author Topic: Where to put shellcode to be able to execute it? (Read 9996 times)

turtle13 · « **on:** June 04, 2018, 07:58:11 PM »

I would like to do a buffer overflow attack (an assignment for class) and I am exploiting an unbounded buffer. The buffer is 288 bytes and my shellcode is 118 bytes.

Where should I put my shellcode? Should I put it in memory after the return address and do a unconditional jump when the overflowed buffer reaches the return address into the stack, so that when it reaches ret (pop rip) the instruction in rip is the unconditional jmp instruction?

debs3759 · « **Reply #1 on:** June 05, 2018, 01:04:18 PM »

Do you mean you want help writing a virus?

Frank Kotler · « **Reply #2 on:** June 05, 2018, 06:01:06 PM »

If I told you where to stick your shellcode, I'd have to ban myself from the Forum for bad language!

Seriously. I don't know the answer to that question. I try to avoid that... stuff... not write it. I understand you're taking a class. Presumably to defend against that... stuff... In my opinion, the fewer people who know how to do that... stuff... the better off we all are. I guess it's too late. Surely your class can tell you where to put it. Really not on-topic here.

Best,
Frank

NASM - The Netwide Assembler

News:

Author Topic: Where to put shellcode to be able to execute it? (Read 9996 times)

turtle13

Where to put shellcode to be able to execute it?

debs3759

Re: Where to put shellcode to be able to execute it?

Frank Kotler

Re: Where to put shellcode to be able to execute it?