w01f
Posted September 30, 2020

> Vulnserver is a multithreaded Windows based TCP server that listens for client connections on port 9999 (by default) and allows the user to run a number of different commands that are vulnerable to various types of exploitable buffer overflows. This software is intended mainly as a tool for learning how to find and exploit buffer overflow bugs, and each of the bugs it contains is subtly different from the others, requiring a slightly different approach to be taken when writing the exploit.

https://github.com/stephenbradshaw/vulnserver

In this tutorial, sh3llc0d3r created 5040 bytes of data using Metasploit pattern_create.rb.

http://sh3llc0d3r.com/vulnserver-trun-command-buffer-overflow-exploit/

/usr/share/metasploit-framework/tools/pattern_create.rb 5040

But in the following Python script, he/she is using 5060 instead of 5040.

buffer = "TRUN /.:/" + "A" * 2003 + "\x42\x42\x42\x42" + "C" * (5060 - 2003 - 4)

What happens to the other additional 20 bytes of data? Where did it come from?