Tag: taeho oh

Penetration Testing Wiki

Advanced buffer overflow exploit by Taeho Oh

Note: Transcription from the original article written by Taeho Oh. Internet cannot forget this legend! 1. Introduction Nowadays there are many buffer overflow exploit codes. The early buffer overflow exploit codes only spawned a shell (execute “/bin/sh”). However, nowadays some of the buffer overflow exploit codes have very powerful features.For example, passing through input filtering,…
Read more

How to find shellcode address

Some notes on how to find the right address in your specific environment to exploit Apache On my environment Debian Sarge with Apache 1.3.34 installed from apt-get, the address which I had to jump to execute the shellcode was 0x0834ae77. As this address it is not helpful at all in exactly the same conditions, here…
Read more