Skip to content
Branch: master
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
README.md
ipconfig.png
revshell.png
vulnserver-lter-seh.py
vulnserver-lter.spk

README.md

SEH Overflow LTER in VulnServer

Now this one was fun ... there was very little room to play with but fourtunatly when the shellcode is passed in as 0xFF in the overflow it treats it as an 0x80 which allowed for me to jump backwards up the stack and then use add/sub encoding to push in the egg hunter into the stack below ... which then let us find the egg that we sent through on the first request!

Windows XP SP3 machine's IP address

Image of Windows IP Config

Reverse Shell coming back from the Windows XP SP3 machine

Image of Reverse Shell

You can’t perform that action at this time.