BUFFER OVERFLOW Shellcode: The Payload

SHELLCODEIn order to execute our raw exploit codes directly in the stack or other parts of the memory, which deal with binary, we need assembly codes that represent a raw set of machine instructions of the target machines.  A shellcode is an assembly language program which executes a shell, such as the '/bin/sh' for Unix/Linux shell, or the command.com shell on DOS and Microsoft Windows.  Bear in mind that in exploit, not just a normal shell but what we want is a root shell or Administrator privilege (note: In certain circumstances, in Windows there are account that having privileges higher than Administrator such as LocalSystem).  Shellcode is used to spawn a (root) shell because it will give us the highest privilege.  A shellcode may be used as an exploit payload, providing...

Read more »

Buffer over flow tutorial

THE VULNERABLE AND THE EXPLOITWarning:  All the security setting for buffer overflow protection (non-executable stack and randomization of the certain portion of memory addresses) of the test Linux Fedora machine used in this section has been disabled for the educational purpose of the demonstration.  Do not do this on your production machines! OS:  Fedora 3, 2.6.11.x kernel with several updates.CLICK HEREWith the knowledge that we supposedly have acquired, let test the stack based buffer overflow in the real vulnerable program.SOME BACKGROUND STORY OF THE SUIDIn certain circumstances, unprivileged users must be able to accomplish tasks that require privileges.  An example is the passwd program, which allows normal user to change their password. Changing a user’s password...

Read more »

How to get your computer to have an FBI login screen

1) Download LogonStudios (It's Vista version but if you have Windows 7 it works) Code: http://www.megaupload.com/?d=I8DIQ2YN For xp users: Code: http://www.stardock.com/products/logonstudio/downloads.asp 2) You can download the FBI file here Code: http://www.wincustomize.com/explore/logonstudio_xp/9606/ Or Code: http://skins19.wincustomize.com/24/79/2479496/26/9859/preview-26-9859.jpg Optional 3) The switch user button was annoying me so i downloaded this to remove it (I'm the only one on my computer so i doubt ill miss it) Code: http://www.megaupload.com/?d=8N0EGIW4 Start it up, then open it and it'll do the rest For the users that want their 'switch user' button back download this: Code: http://www.megaupload.com/?d=AA5V5SFQ Just...

Read more »