|
Title: I need an help with GDB Post by: Pacochan on November 06, 2010, 01:20:19 PM Hi guys.
I don't know if it the right place where to ask an help. Anyway, I'm writing an exploit for the new proftpd stack overflow vulnerability. Infact, I already analyzed the stack and created the exploit... the problem is that it works only if I install proftpd in the debug mode. I know there is a way with GDB to attach the pid of the process running in a normal way ( for "normai", I mean withou debug options ) in order to keep a neat stack on which I can work... In other words, if u want to develope an exploit for a vulnerable linux service with root privilages... what would u do? Thanks in advance... I hope my italienglish is enought easy to understand!! :) Title: Re: I need an help with GDB Post by: xXxKrisxXx on November 06, 2010, 03:29:08 PM hey pacochan,
You may want to take a look at this video series on SecurityTube: Buffer Overflow Primer Part 1 (http://www.securitytube.net/Buffer-Overflow-Primer-Part-1-%28Smashing-the-Stack%29-video.aspx) Vivek uses gdb throughout the whole series - it may be useful for what your trying to do! -Kris Title: Re: I need an help with GDB Post by: Pacochan on November 06, 2010, 08:19:21 PM Thank you!
Infact, what I really need is to understand how to debug a large applications. The first videos seems to work only on a simple source file, but anyway i will watch all the videos. Maybe it could give me some ideas!!! Title: Re: I need an help with GDB Post by: mesho on November 07, 2010, 11:40:05 PM ammmmm, i see this trick before mentioned in the
smashthestack.org but i can't tell where exactly?!!! ???
Powered by SMF 1.1.18 |
SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com |