All Questions
Tagged with exploit-development memory
6 questions
0 votes
0 answers
353 views
64 Bit ELF Buffer Overflow Not working possibly due to if statement
I wrote the following: #include <stdio.h> int win(){ printf("Won!\n"); return 0; } int vulnerable(){ char buffer[20]; memset(buffer, 0, 10); printf("Input: &...
0 votes
1 answer
567 views
Assigning memory address of shellcode to buffer (for buffer overflow input)
I am attempting to exploit HEVD kernel driver buffer overflow challenge: https://github.com/hacksysteam/HackSysExtremeVulnerableDriver However when running the below code my Windows 7 machine doesn't ...
2 votes
1 answer
505 views
How to use "jmp" in ROP
I'm trying to put together a ROP chain. I'm looking for a gadget to do the following: mov rdi, rdx ; mov rbp, rsp ; ret; But instead, I have a gadget like this : mov rdi, rdx ; mov rbp, rsp ; jmp ...
3 votes
1 answer
167 views
Exploit development - Will different devices with the same OS/Architecture have the same exact process memory (e.g. addresses) for a given binary?
Sometimes, when I develop an exploit that perfectly works on a given machine, it will fail on a different one, despite them having the same OS/Architecture and configurations (like language, which in ...
1 vote
0 answers
147 views
Dynamic memory management i386 vs amd64
I've spotted some differences in the behavior of the GNU/Linux dynamic memory allocator in i386 vs amd64. While it's possible that I'm misunderstanding something (in this case let me know), I don't ...
4 votes
2 answers
755 views
How do self-contained executable program exploits work, when considering virtual memory?
My understanding of virtual memory is that the operating system allows each process to have access to the entire pool of memory, and creates this illusion by paging. As a consequence, a program can ...