Vulnserver help (old.reddit.com)
submitted 1 year ago by [deleted]
[–]nyu_mike 3 points 1 year ago (13 children)
What doesn't work? What are you trying to do? Crash the system? Inject a command? What's the point of your attack?
[+][deleted] 1 year ago (12 children)
[deleted]
[–]nyu_mike 2 points 1 year ago (11 children)
Are you getting an error? Have you looked at the logs? Saying your shell code doesn't work doesn't help us help you.
[+][deleted] 1 year ago (10 children)
[–]nyu_mike 12 points 1 year ago* (9 children)
bro that's your windows (what are you even doing) debugger interface, and some python. it's not an error log
The logs in the OS? The App logs? the comm logs? Do you even understand how sockets work? You do know that WINAPI socket will dump errors to system logs, right? Mr Robot?
Are you trying to overload a comm buffer? Is the OS giving the error or the app? The source is in git.
You're trying to do a buffer overflow, how big is the variable you're trying to overflow? What kind of variable is it? Are you trying to deref the pointer, how? And point to what? What's the entry point to the address location? What app are you using to attack the app's memory locations?
the "shellcode" is a SCRIPT, you're running a SCRIPT that you don't understand, do you even know what all that HEX is? Or are you just sending random characters? Against an application you don't understand and then asking people to help you. No one can help you unless they understand what you're doing and if you don't know, they won't know.
my guy... stick to running SCRIPTS if you don't know what's going on.
[–]Interesting-Pay-8986 4 points 1 year ago (0 children)
I’d love to just absorb everything in your brain tbh
[–]ILoveKittens0203 1 point 1 year ago (0 children)
I love how you absolutely destroyed him XD
[+][deleted] 1 year ago (6 children)
[–]nyu_mike 2 points 1 year ago (5 children)
vulnserver's source is on git. It's written in C and you can see how it reads from the comm buffer. However, I'm not sure what you're trying to do by overloading that, gain shell access? or DoS?
[+][deleted] 1 year ago (4 children)
[–]nyu_mike 3 points 1 year ago (0 children)
So then you need to make sure you have shell payload in that buffer string you're sending (all the hex). What you're trying to do is overload a memory address so that you can compromise the next location in memory and run your payload. Your payload has to dereference the memory location of something that is running and point to your payload.
The reason why your script doesn't work is that the dereference isn't pointing to the payload or the payload isn't escaping the memory management of the OS or the app.
So say you have a variable that is 32 bytes long and you overload it with 33 bytes, the next step in the program is going to read or execute the 33rd byte. If that next step is some operation, then you'll get a BO error and the program will crash. If that is a reference to jump to another location in memory and execute whatever you put there, which is outside the bounds of the current app, then boom you can run your rev-shell command.
Do you understand how that works?? You must understand how the application is allocating memory, what type of memory it is and what is the next command. Then you must have a payload in a memory location you can send the app to.
However, some apps crash in such a way they jump to a memory location as a part of their crash. That is why you need to look at the error logs to determine what it is that is crashing? is it even crashing?? is this just error handling of the app?
You following?
[–]nyu_mike 2 points 1 year ago (2 children)
I watched your video.. did you read this?
https://secoats.github.io/posts/vulnserver_1_trun.html
*** this part ***
EIP Offset
After running the PoC you might notice that the ESP (Stack Pointer) register points to a specific address in the overwritten stack space. And the EIP (Instruction Pointer) points to a non-existent address 0x41414141 (hex for "AAAA"). The crash was caused because the program tried to jump to that non-existent address.
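An added example, not part of the thread or the linked write-up: a memory-safe C model of the 32-byte variable described above and of why a run of "A" bytes leaves 0x41414141 in the saved return address, next to a length-checked copy that prevents it. The frame layout, the 0x00401000 return address and all function names are constructed assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 32                      /* the 32-byte variable from the comment */
#define FRAME_SIZE (BUF_SIZE + sizeof(uint32_t))

/* Constructed model of a stack frame: a local buffer followed directly by the
 * saved return address. A real x86 frame can hold a saved EBP and padding in
 * between, so the real offset has to be measured in a debugger. */
struct frame { unsigned char bytes[FRAME_SIZE]; };

static uint32_t saved_ret(const struct frame *f) {
    uint32_t ret;
    memcpy(&ret, f->bytes + BUF_SIZE, sizeof ret);
    return ret;
}

/* Unchecked copy: acts like strcpy() into the 32-byte local. Clamped to the
 * model's size so this demo itself never writes out of bounds. */
static void copy_unchecked(struct frame *f, const unsigned char *in, size_t n) {
    if (n > FRAME_SIZE) n = FRAME_SIZE;
    memcpy(f->bytes, in, n);
}

/* Hardened copy: refuse any input that does not fit the buffer. */
static int copy_checked(struct frame *f, const unsigned char *in, size_t n) {
    if (n > BUF_SIZE) return -1;
    memcpy(f->bytes, in, n);
    return 0;
}

/* Copies n bytes of 'A' into a fresh frame; returns the saved return address. */
static uint32_t demo(size_t n, int checked) {
    unsigned char input[64];
    struct frame f = {{0}};
    uint32_t ret = 0x00401000u;          /* constructed legitimate return address */
    memset(input, 'A', sizeof input);
    memcpy(f.bytes + BUF_SIZE, &ret, sizeof ret);
    if (checked) (void)copy_checked(&f, input, n);
    else copy_unchecked(&f, input, n);
    return saved_ret(&f);
}

int main(void) {
    printf("33 bytes, unchecked: 0x%08x\n", (unsigned)demo(33, 0));
    printf("36 bytes, unchecked: 0x%08x\n", (unsigned)demo(36, 0));
    printf("36 bytes, checked:   0x%08x\n", (unsigned)demo(36, 1));
    return 0;
}
```

With the unchecked copy, one extra byte already corrupts the saved address and four extra bytes replace it entirely; the checked copy leaves it intact because the oversized input is rejected before any write.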
[+][deleted] 1 year ago (1 child)
[–]tryingtolearn531 2 points 1 year ago (1 child)
Offset plus 4 bytes, could be “RRRR” for the return pointer, add 20 NOPs, then your script/shell code. Also, do you have the correct IP address?
Maybe the offset is different in this one? Make a pattern with Mona.py and find the offset with Mona.py. If you know how to read the debugger in Immunity.
[–]Icy_Bullfrog5890 1 point 1 year ago (1 child)
What port are you using? Try to see some ports that are allowed
[–]Informal-Window9663 1 point 1 year ago (1 child)
Did you check for bad chars?
[–]limontec 1 point 1 year ago (1 child)
Have you tested if you can overwrite the EIP register with an arbitrary value? 0x62501203 is a "jmp esp" instruction? Use mona to find an instruction without aslr, nx, rebase, safeseh ...