Ethical Hacking and Penetration Testing Guide
10 Windows Exploit Development Basics .....................................................................271
Prerequisites ....................................................................................................................271
What Is a Buffer Overflow?.............................................................................................271
Vulnerable Application .................................................................................................. 272
How to Find Buffer Overflows ....................................................................................... 273
Methodology ................................................................................................................. 273
Getting the Software Up and Running .......................................................................... 273
Causing the Application to Crash .................................................................................. 273
Skeleton Exploit ..............................................................................................................275
Determining the Offset ........................................................................................ 278
Identifying Bad Characters ................................................................................... 280
Figuring Out Bad Characters with Mona .......................................................................281
Overwriting the Return Address ........................................................................... 283
NOP Sledges......................................................................................................... 285
Generating the ShellCode ..................................................................................... 286
Generating Metasploit Module ...................................................................................... 287
Porting to Metasploit ..................................................................................................... 288
Conclusion ..................................................................................................................... 290
Further Resources .......................................................................................................... 290