Amonsec

It's all about security.

A simple blog where you can find different things about digital security.

Windows SEH Based Buffer Overflow

Introduction

For this post, we will find and exploit a SEH vulnerability in the Konica Minolta FTP server.
All I used can be download here:

You can download scripts in my github:

If you don’t have a solid knowledge about stack based buffer overflow I highly encourage you to read my first blog post: here.

Read More

Windows Stack Based Buffer Overflow

Introduction

Buffer overflow are mainly use to remotely exploit (or locally) applications in order to execute shellcodes, like reverse or bind shells. Its pretty intimidating for a new comers in this awesome field but with enough time and determination you will be able to learn fast and you will be able to exploit applications.

For this training I will use a windows 7 system VMware image that you can download here. Note, you can use VirtualBox but it’s VirtualBox.
Moreover, I will use inside the windows 7 machine:

My attacking machine is a Kali Linux system that you can download in the Kali Linux website here.

In this post I will try to do my best to be understand by the majority. If you want a more complete tutorial written by an expert, about Stack Based Buffer Overflow, I highly suggest you to read this post from the CORELAN website.

Before beginning this tutorial, a quick overview of how the exploit work.
The FTP client will connect as anonymous in our malicious FTP server and then we will send the exploit. So, you need to install your own virtual windows system, all the required tools (listed upper) and to have a connection between your virtual windows system and you attacking system.

Read More