uperkurk wrote: Just had a look at that exploit code and damn, that's a lot of code O_0, looks so confusing. What language is it?
It's an exploit for a bug in Apache OpenSSL, where a few tools may already have this (exploit) compiled and ready to use. (Hint: Metasploit is one I'd try, or perhaps even the SecurityForest Exploitation Framework.)
This exploit: http://www.exploit-db.com/exploits/764/ is written in the programming language known as C.
A quick overview of this code:
- The first 20 lines are includes (libraries with functions necessary for this "program" to work).
- From that and down to the line: "Yellow Dog Linux/PPC 2.3 (apache-1.3.22-6.2.3a)", it appears to be "Return Addresses" which EIP is overwritten with. (Basically it's an address in memory where the execution will be forced to.)
- Near the "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" part is the buffer used to cause this error. A (yes, the letter A) is often used to fuzz with. This is especially seen in older buffer overflows.
- Near "\x90\x90\x90\x90" we have the beginning of the actual shellcode, it seems, as \x90 is a NOP (No Operator / No Instruction, often used for better reliability and stability of the exploit due to different memory layouts on different systems).
The rest is pretty much crafting a "legitimate" SSL packet and then sending it off, including a "how to use this program".
The packet being sent overflows a buffer, which eventually leads to remote code execution in this scenario.
I know it's a very rough breakdown of the exploit, but I hope you gained some new knowledge from my reply.
If you want some info on how to write buffer overflows there are various resources, including a video I once made a couple of years ago: http://guides.intern0t.net/msf2.php
(it's a very simple overflow, but nice for beginners in this area, etc.)
References: http://www.woodmann.com/collaborative/s ... _Framework
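The two payload features the reply points out (a long run of the letter A used as filler and a run of \x90 NOP bytes ahead of the shellcode) are also the features that classic network signatures key on. The following is an added example, written for this thread and not taken from the exploit or the original post, showing a small C heuristic that scans a payload for such byte runs. The thresholds (NOP_SLED_MIN, FILL_RUN_MIN), function names and the sample payloads are all constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed thresholds: how long a run of one byte must be before we
 * treat it as suspicious. Real deployments tune these per protocol. */
#define NOP_SLED_MIN  32   /* run of 0x90 long enough to look like a NOP sled   */
#define FILL_RUN_MIN  64   /* run of 'A' long enough to look like overflow filler */

enum { FLAG_NOP_SLED = 1, FLAG_FILL_RUN = 2 };

/* Length of the longest contiguous run of byte 'b' inside buf[0..len). */
size_t longest_run(const unsigned char *buf, size_t len, unsigned char b)
{
    size_t best = 0, cur = 0;
    for (size_t i = 0; i < len; i++) {
        cur = (buf[i] == b) ? cur + 1 : 0;
        if (cur > best)
            best = cur;
    }
    return best;
}

/* Bitmask of the heuristics that fired on the payload (0 = nothing flagged). */
int classify_payload(const unsigned char *buf, size_t len)
{
    int flags = 0;
    if (longest_run(buf, len, 0x90) >= NOP_SLED_MIN)
        flags |= FLAG_NOP_SLED;
    if (longest_run(buf, len, 'A') >= FILL_RUN_MIN)
        flags |= FLAG_FILL_RUN;
    return flags;
}

/* Constructed suspicious sample: 100 bytes of 'A', a 48-byte 0x90 run,
 * then four arbitrary bytes so the runs have a clear end. */
size_t build_sample(unsigned char *out, size_t cap)
{
    size_t n = 0;
    if (cap < 160)
        return 0;
    memset(out + n, 'A', 100);          n += 100;
    memset(out + n, 0x90, 48);          n += 48;
    memcpy(out + n, "\x01\x02\x03\x04", 4); n += 4;
    return n;
}

/* Flags raised on the constructed suspicious sample. */
int sample_flags(void)
{
    unsigned char buf[256];
    size_t n = build_sample(buf, sizeof buf);
    return classify_payload(buf, n);
}

/* Longest 0x90 run in the constructed suspicious sample. */
size_t sample_nop_run(void)
{
    unsigned char buf[256];
    size_t n = build_sample(buf, sizeof buf);
    return longest_run(buf, n, 0x90);
}

/* Flags raised on a constructed benign request, which should be none. */
int benign_flags(void)
{
    const char *req = "GET / HTTP/1.0\r\nHost: example.test\r\n\r\n";
    return classify_payload((const unsigned char *)req, strlen(req));
}

int main(void)
{
    int f = sample_flags();
    printf("suspicious sample: flags=%d nop_run=%zu\n", f, sample_nop_run());
    printf("  NOP sled: %s\n", (f & FLAG_NOP_SLED) ? "yes" : "no");
    printf("  'A' filler run: %s\n", (f & FLAG_FILL_RUN) ? "yes" : "no");
    printf("benign request: flags=%d\n", benign_flags());
    return 0;
}
```

Run-length heuristics like this are cheap but noisy: 0x90 and 0x41 occur legitimately in binary protocols and in base64 or compressed data, so a hit is a reason to inspect the session, not proof of an attack. They also say nothing about the actual overflow; catching that requires the vulnerable service to be patched or the bounds check to be present in the first place.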