Bad Characters

List of Bad Chars

\x00
\x0a
\x0d
\x40
\xcc

Bad Chars x Privileged Instruction

pop ebx: \x5b
privileged instruction: \x6c

Illegal Instruction

\x09\x0a\x0b\x0c\x0d\x20\xff

No Command

\xff