📓
Exploit Dev
  • README
  • assignments
    • labs
      • Lab 2: Sample Code
      • Lab 1: Crash RM2MP3 Converter
      • Lab 1: Getting a legitimate shell
      • Lab 10: Bad Characters
      • Lab 8: Changing encoding to get shellcode
      • Lab 7: Writing shellcode
      • Lab 6: Locating op codes
      • Lab 5: Shellcode testing
      • Lab 4: Shellcode?
      • Lab 3: Locating EIP
    • images
      • README
Powered by GitBook
On this page
  • Introduction to Exploit Development Course
  • Scenario
  • Activity summary:

Was this helpful?

README

Nextassignments

Last updated 4 years ago

Was this helpful?

Introduction to Exploit Development Course

Scenario

  • Media RM2MP3 Converter is a small software application specialized in converting audio and video files (RM and RMVB) to MP3 file format using batch actions

    On July 17, 2009 a Buffer Overflow vulnerability was reported for this software via

  • Stack-based buffer overflow in Easy RM to MP3 Converter allows remote attackers to execute arbitrary code via a long filename in a playlist (.m3u) file.

    Prerequisites

    Easily found with a quick Google search.

    • RM2MP3 Converter

    • Immunity Debugger (Optional)

Activity summary:

  • Lab 1 -

  • Lab 2 –

  • Lab 3 –

  • Lab 4 –

  • Lab 5 –

  • Lab 6 –

  • Lab 7 –

  • Lab 8 –

  • Lab 9 –

  • Lab 10 -

packetstormsecurity.org
Crash RM2MP3 Converter
Sample Code
Locating EIP
Shellcode?
Shellcode testing
Locating op codes
Writing shellcode
Changing encoding to get shellcode
Getting a legitimate shell
Bad Characters