Tags: security, stack, buffer-overflow, exploit

About Stack Buffer Overflow Exploits


I'm trying to learn how to write exploits for stack overflows by installing random apps from SourceForge and testing them with bad inputs.

  1. I've come across some programs where the app crashes but my input doesn't overwrite the EIP register... What should I do about that? I also noticed some apps were developed in Visual Basic and they just show a message box saying the input was too long, and then the app crashes.

  2. My desktop is full of new apps that I just downloaded for testing. Is there a way to test apps without filling my computer with them all the time and also without taking the risk of running some bad apps?


Solution

  • To answer your questions in order:

    1. The overflows you're seeing may require SEH exploits, where the crash triggers the structured exception handler (SEH), rather than simply overwriting EIP. It may, of course, be that the program simply cannot be exploited. Take a look at this tutorial on corelan for details of SEH exploits.
    2. As suggested by blackbird, using virtual machines would mean no cluttering of your own machine. Of course you would need a Windows ISO or image to install for working on Windows-based apps, or you could install a Linux distro and concentrate on Linux apps.

    Note that a better approach to learning may be to practice on apps from exploit-db - that way you know they are vulnerable and the PoC will show you where they are exploitable. Start with something easy like the Ability FTP server, or again check the tutorials on corelan.
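A worked helper for the first question, added here as an example (it is not code from the original answer, from corelan, or from exploit-db): the usual first step after a crash is to send a cyclic pattern instead of a run of "A"s, then read EIP (or the overwritten SEH handler) in the debugger and ask where in the input those four bytes came from. If the lookup fails, the register was not filled from your input at all, which is exactly the "crashes but EIP isn't overwritten" case. The Aa0Aa1... pattern format follows the Metasploit pattern_create convention (an assumption about the tool the reader would otherwise use), and the EIP value 0x37654136 is constructed for illustration.

```python
"""
Cyclic-pattern helper for locating the EIP / SEH overwrite offset after a crash.
Added example, not code from the original answer. The Aa0Aa1...Zz9 layout is
the Metasploit pattern_create convention (assumed here, not taken from the page).
"""
import string
import struct

MAX_PATTERN = 26 * 26 * 10 * 3  # 20280 bytes before the triples would repeat


def pattern_create(length):
    """Return a `length`-char string built from (Upper, lower, digit) triples.
    Every triple occurs once, so any 4-byte window is unique within MAX_PATTERN."""
    if length > MAX_PATTERN:
        raise ValueError("pattern longer than %d bytes would repeat" % MAX_PATTERN)
    triples = []
    for upper in string.ascii_uppercase:
        for lower in string.ascii_lowercase:
            for digit in string.digits:
                triples.append(upper + lower + digit)
                if len(triples) * 3 >= length:
                    return "".join(triples)[:length]
    return "".join(triples)[:length]


def _as_text(value):
    """Normalise a register value (int), raw bytes, or str into the text to search for.
    Integers are packed little-endian, the way x86 stores them: EIP = 0x37654136 means
    the bytes '6','A','e','7' landed in the saved return address in that order."""
    if isinstance(value, int):
        fmt = "<I" if value <= 0xFFFFFFFF else "<Q"  # 64-bit RIP values use 8 bytes
        value = struct.pack(fmt, value)
    if isinstance(value, bytes):
        value = value.decode("latin-1")  # never fails; non-ASCII bytes simply won't match
    return value


def pattern_offset(value, length=MAX_PATTERN):
    """Offset of `value` inside the pattern, or -1 if the register was not filled
    from it (e.g. the crash happened before the return address was ever used)."""
    return pattern_create(length).find(_as_text(value))


def seh_offsets(handler_value, length=MAX_PATTERN):
    """For an SEH overwrite the handler pointer sits 4 bytes after the next-SEH
    pointer (nSEH), so one lookup gives both. Returns (nseh, seh) or None."""
    seh = pattern_offset(handler_value, length)
    if seh < 4:
        return None
    return seh - 4, seh


if __name__ == "__main__":
    buf = pattern_create(2000)  # send this as the long input (e.g. an FTP USER argument)
    print(buf[:30])
    # Suppose the debugger then shows EIP = 0x37654136 (constructed value):
    print("EIP overwrite at offset", pattern_offset(0x37654136))
    # ... or the SEH chain shows a handler of 0x37654136:
    print("nSEH, SEH offsets:", seh_offsets(0x37654136))
    # A register holding 0x41414141 ('AAAA') did not come from this pattern:
    print("not from pattern:", pattern_offset(0x41414141))
```

If `pattern_offset` returns -1 for the value in EIP, look at the other registers and at the SEH chain before concluding anything: a register or handler that does resolve to an offset tells you which part of the input you actually control, which is the starting point the corelan SEH tutorial builds on.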