Some things that can go wrong include the following:
• Incorrectly crafted protocol element fails to cause program to execute to the
location of the vulnerability.
• Return address fails to align properly with the saved eip on the stack.
• Heap control data fails to properly align and overwrite heap structures.
• Poor placement of shellcode results in portions of your shellcode being
overwritten prior to its execution, generally resulting in your shellcode crashing.
• Your input contains characters that prevent some or all of your data from being
properly placed in memory.
• The target program performs a transformation on your buffer that effectively
corrupts your shellcode, for example, an ASCII-to-Unicode expansion.
Payload Protocol Elements
Detailed discussion of specific protocol elements is beyond the scope of this book since
protocol elements are very specific to each vulnerability. To convince the vulnerable
application that it should do what you want, you will need to understand enough of its
protocol to lead it to the vulnerable portion of the program, convince it to place your
payload in memory somewhere, and finally cause the program to trigger your exploit. It
is not uncommon for protocol elements to precede and follow your shellcode.