BOF - TCM
1. Spiking: Finding the vulnerable part of the program, i.e. which command or input crashes when it is overloaded.
2. Fuzzing: Sending a growing number of characters at that part of the program to see if we can break it.
3. Finding the Offset: Finding the exact point at which we broke it. The number of bytes sent before the EIP gets overwritten is called the offset.
4. Overwriting the EIP: Using that offset to overwrite the EIP, the instruction pointer, with an address of our choosing.
5. Finding Bad Characters: Once we control the EIP, we need to clean up the payload by finding the bad characters, i.e. the bytes the program mangles or truncates and that therefore must not appear in it.
6. Finding the Right Module: After the bad characters are known, we have to find the right module to redirect execution through.
7. Generating Shellcode: Once we have the information from steps 5 and 6, we can generate the shellcode that will give us the reverse shell.
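Steps 3 and 5 are the two analysis steps of this list, and they are the same work an analyst does when triaging a fuzzer crash: mapping a register value back to a position in the input, and diffing the input against what actually landed in memory. The block below is an added example written for this page; it is not code from the TCM course or from the original note. The crash value in EIP (0x386F4337) and the memory-dump stand-in (simulated_memory, which models a target that strips newline bytes) are constructed for the example.

```python
#!/usr/bin/env python3
"""Crash-triage helpers for the offset and bad-character steps (added example).

The cyclic pattern and the send/compare loop are the standard techniques; the
EIP value and the simulated memory dump below are constructed sample data.
"""
import string
import struct


def cyclic_pattern(length: int) -> bytes:
    """Metasploit-style pattern Aa0Aa1Aa2...: every 4-byte window is unique
    across the first 20280 bytes, so a value seen in a register maps to
    exactly one offset into the input."""
    out = bytearray()
    for upper in string.ascii_uppercase:
        for lower in string.ascii_lowercase:
            for digit in string.digits:
                out += (upper + lower + digit).encode()
                if len(out) >= length:
                    return bytes(out[:length])
    raise ValueError("length exceeds the 20280-byte unique pattern")


def pattern_offset(register_value: int, pattern_length: int = 20280):
    """Given the 32-bit value found in EIP after the crash, return the byte
    offset into the pattern that overwrote it, or None if it is not part of
    the pattern (the crash was not a clean overwrite). x86 is little-endian,
    so the register value is packed with '<I' to recover the byte order as it
    sat in memory."""
    needle = struct.pack("<I", register_value)
    idx = cyclic_pattern(pattern_length).find(needle)
    return idx if idx != -1 else None


def all_bytes(excluded=(0x00,)) -> bytes:
    """The sequence sent during the bad-character step: 0x01-0xFF with the
    already-known bad bytes left out (0x00 terminates C strings, so it is
    always excluded)."""
    return bytes(b for b in range(256) if b not in excluded)


def first_bad_char(sent: bytes, observed: bytes):
    """Compare what was sent with what the debugger shows in memory. Return
    the first sent byte that did not survive, or None if the whole sequence
    is intact. Only the first divergence is trustworthy: a dropped or mangled
    byte shifts or corrupts everything after it, so bad characters are found
    one per round."""
    for i, b in enumerate(sent):
        if i >= len(observed) or observed[i] != b:
            return b
    return None


def simulated_memory(data: bytes) -> bytes:
    """Constructed stand-in for the debugger memory dump: models a target that
    strips newline (0x0A) before copying the input into the buffer."""
    return data.replace(b"\n", b"")


def triage_bad_chars(copy_fn=simulated_memory, max_rounds=16) -> list:
    """Repeat the send/compare round, excluding each bad byte as it is found,
    until the sequence survives intact. Returns the bad bytes, 0x00 included.
    copy_fn is a hypothetical hook standing in for 'send, crash, read memory'."""
    bad = [0x00]
    for _ in range(max_rounds):
        sent = all_bytes(excluded=bad)
        b = first_bad_char(sent, copy_fn(sent))
        if b is None:
            return bad
        bad.append(b)
    raise RuntimeError("too many rounds; inspect the memory dump by hand")


if __name__ == "__main__":
    eip = 0x386F4337  # constructed: value read from EIP after the pattern crash
    print("offset:", pattern_offset(eip))
    print("bad chars:", [hex(b) for b in triage_bad_chars()])
```

With the constructed EIP value the offset comes out as 2003, and the simulated target reports 0x00 and 0x0A as bad. Against a real crash, pattern_offset returning None is itself useful information: it means the register was not cleanly overwritten by the input, so the crash needs further triage before it can be called an EIP overwrite.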