Friday, 29 July 2016

Exploiting Kali2 - Part 1


A few days ago I was waiting for more results from one of the fuzzers. I decided to start
another VM - this time with Kali2 - and try to find a few bugs to play with...

...and that's how I found about 50 bugs in the software installed on the box by default.

One of them is really simple to exploit to get a shell (not uid 0, but I thought it would also
be a cool exercise if you want to practice exploit writing). Try /usr/bin/jad to find out how.
The binary is pretty old, but - for fun - it's always a pleasure to exploit another bug. ;)

Check the screenshot below to see the whole process. I decided to add gdb-peda to Kali.

Results below:

If you want - 'try it at home' ;)

Some of the steps you take will probably be similar to:
- prepare a shellcode (I used 24b long code from gdb-peda default bank)
- find an offset
- find a RET
- enjoy your shell ;)
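The three steps above only work as smoothly as they do because an old binary like this one ships without the usual mitigations (a writable-and-executable stack, a fixed load address, no stack canary). Before spending time on a target, or when auditing what a distribution installs by default, it is worth checking an ELF for exactly those properties. The script below is an added example, not code from the original post or from the jad or gdb-peda projects: it reads the ELF64 program headers (PT_GNU_STACK for NX, PT_GNU_RELRO for RELRO), the ELF type (ET_DYN for PIE) and, as a heuristic, looks for the `__stack_chk_fail` symbol name to detect canaries. The two sample ELF images are constructed in-memory so the script runs offline; the function `check_hardening` is my own name and is not part of any real tool.

```python
import struct

# ELF constants from the ELF specification
ET_EXEC, ET_DYN = 2, 3
PT_LOAD = 1
PT_GNU_STACK = 0x6474E551
PT_GNU_RELRO = 0x6474E552
PF_X, PF_W, PF_R = 0x1, 0x2, 0x4


def parse_program_headers(data):
    """Return (e_type, [(p_type, p_flags), ...]) from an ELF64 little-endian image."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    if data[4] != 2:
        raise ValueError("only ELF64 is handled in this example")
    e_type = struct.unpack_from("<H", data, 16)[0]
    e_phoff = struct.unpack_from("<Q", data, 32)[0]
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    phdrs = []
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        p_type, p_flags = struct.unpack_from("<II", data, off)
        phdrs.append((p_type, p_flags))
    return e_type, phdrs


def check_hardening(data):
    """Report the mitigations an ELF image carries (hypothetical helper, not a real tool's API)."""
    e_type, phdrs = parse_program_headers(data)
    types = {t for t, _ in phdrs}
    gnu_stack = [f for t, f in phdrs if t == PT_GNU_STACK]
    # Without a PT_GNU_STACK header the loader falls back to an executable stack,
    # so NX is only considered present when the header exists and lacks PF_X.
    nx = bool(gnu_stack) and not (gnu_stack[0] & PF_X)
    return {
        "nx": nx,
        "pie": e_type == ET_DYN,
        "relro": PT_GNU_RELRO in types,
        # Heuristic used by checksec-style tools: a canary-protected binary
        # references __stack_chk_fail in its dynamic symbol/string tables.
        "canary": b"__stack_chk_fail" in data,
    }


def build_elf(e_type, phdrs, extra=b""):
    """Construct a minimal ELF64 image (headers only) so the example runs offline."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + b"\x00" * 9  # 64-bit, little-endian, v1
    ehdr = ident + struct.pack(
        "<HHIQQQIHHHHHH",
        e_type, 62, 1, 0x400000,   # e_type, e_machine (x86-64), e_version, e_entry
        64, 0, 0,                  # e_phoff, e_shoff, e_flags
        64, 56, len(phdrs),        # e_ehsize, e_phentsize, e_phnum
        64, 0, 0,                  # e_shentsize, e_shnum, e_shstrndx
    )
    body = b"".join(struct.pack("<IIQQQQQQ", t, f, 0, 0, 0, 0, 0, 0) for t, f in phdrs)
    return ehdr + body + extra


# Constructed sample: a legacy-style binary with an executable stack and no canary
LEGACY_ELF = build_elf(ET_EXEC, [(PT_LOAD, PF_R | PF_X),
                                 (PT_GNU_STACK, PF_R | PF_W | PF_X)])
# Constructed sample: a binary built with the usual modern mitigations
HARDENED_ELF = build_elf(ET_DYN, [(PT_LOAD, PF_R | PF_X),
                                  (PT_GNU_STACK, PF_R | PF_W),
                                  (PT_GNU_RELRO, PF_R)],
                         extra=b"__stack_chk_fail\x00")


def report(name, data):
    flags = check_hardening(data)
    missing = [k.upper() for k, v in flags.items() if not v]
    status = "missing: " + ", ".join(missing) if missing else "all mitigations present"
    print(f"{name}: {status}")


if __name__ == "__main__":
    report("legacy", LEGACY_ELF)
    report("hardened", HARDENED_ELF)
    # To check a real file: report(path, open(path, "rb").read())
```

On a real system you would feed it the bytes of the installed binary; a result like the legacy sample (no NX, no PIE, no RELRO, no canary) is the signature of the kind of target where "find an offset, find a RET" is all it takes, and is also the signal that the package should be rebuilt with current compiler defaults or dropped from a default install.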

If you have any questions, feel free to ask. I will answer as soon as possible.

Later I will try to post some more cases here... :)

