Is there a general method for determining the proper offset for buffer overflow exploits? The context here is a pen test where I have gleaned enough information about the target machine to know that it is running vulnerable network services. I found exploits for these services, but none of them worked properly. I suspects the offsets are not correct. How does one go about tuning these offsets (assuming I don't know the exact architecture of the target machine and that I don't have any account on that machine)? Thanks in advance for any information, Ivan -------------------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Mon Jul 09 2001 - 18:38:07 PDT