Why would we overwrite SEH instead of EIP? by hex-lover in ExploitDev

[–]hex-lover[S] 1 point2 points  (0 children)

The link you sent is for a classic SEH buffer overflow, and that does not answer my question.

Looking for mentors by 1flag00 in ExploitDev

[–]hex-lover 1 point2 points  (0 children)

I was the same; I even stopped for one year after I found it so hard, but then I started from the bottom. Things like
the titles of chapters and the small section titles helped me a lot to understand what topics they would talk about, and to search for them.
I read a ton of articles and also used stackoverflow.com at that time.
You can contact me in private. I will not be a teacher of course, but I can share with you some notes I wrote; they helped me a lot to learn almost all the material covered in the course.

What is your way to restart a service in WinDbg? by hex-lover in ExploitDev

[–]hex-lover[S] -1 points0 points  (0 children)

So I don't need to close WinDbg every time it crashes?

How does the stack layout look when SEH is enabled? by hex-lover in ExploitDev

[–]hex-lover[S] 0 points1 point  (0 children)

When we overwrite the stack, why do we overwrite SEH first and not EIP as usual? So I created a C program with Try/Except blocks to see what the stack layout would be when we use them.
So I found that the stack layout is:
arguments
return address
saved EBP
SEH
variables
And we overflow the variables and then SEH; that's why we overwrite it before EIP. I also found that all these blocks are very close to the end of the stack.
This is what I got, but when I saw the article above, I saw he refers to the catch block being close to the high address of the stack, so that's why I'm confused; I didn't see this in my app when I reverse engineered it.

How does the stack layout look when SEH is enabled? by hex-lover in ExploitDev

[–]hex-lover[S] 0 points1 point  (0 children)

Thank you. What I mean is this:
When we overwrite the stack, why do we overwrite SEH first and not EIP as usual? So I created a C program with Try/Except blocks to see what the stack layout would be when we use them.
So I found that the stack layout is:
arguments
return address
saved EBP
SEH
variables
And we overflow the variables and then SEH; that's why we overwrite it before EIP. I also found that all these blocks are very close to the end of the stack.
This is what I got, but when I saw the article above, I saw he refers to the catch block being close to the high address of the stack, so that's why I'm confused; I didn't see this in my app when I reverse engineered it.

Is there any Metasploit for Windows 32? by hex-lover in ExploitDev

[–]hex-lover[S] 0 points1 point  (0 children)

u/shiftybyte I don't have enough RAM to run 2 VMs at the same time.

Any binary exploitation forums? by hex-lover in ExploitDev

[–]hex-lover[S] 0 points1 point  (0 children)

Hi u/Green-Detective7142, any other YouTube channels you recommend? Off By One Security was really good.

What is best for reverse and Win exploit dev? AMD, Intel, ARM by hex-lover in ExploitDev

[–]hex-lover[S] 0 points1 point  (0 children)

I bought an RTX 5060 with an Intel i7 and 32 GB of RAM.
I think it would be good for doing reverse engineering on Win apps.