> From: rootat_private [mailto:rootat_private] On Behalf Of Dave Aitel
> Sent: Monday, October 29, 2001 12:16 PM
>
> What's probably happening is that your overflow doesn't actually occur
> (meaning - doesn't overwrite the saved return address on the stack)
> unless the cpu switches register windows at the right moment. Try
> loading the machine down and giving that a shot. Also try making your

Ah, this reminded me of some problems I experienced in coding an overflow with an exact offset (not sure if that's what you're doing here). If you trace the program execution to get the memory address where your shellcode will be stored, the address will not be the same as it would be when the program is run normally. You may need to account for this.

Also, I've come across situations when the shellcode did execute, but it didn't look like it because the shell immediately terminated without an open pipe.

Of course, I haven't done much work with overflows, I haven't worked with a SPARC, and my head is spinning right now anyway... Hopefully this wasn't too useless a post. ;)
This archive was generated by hypermail 2b30 : Mon Oct 29 2001 - 16:46:31 PST