Wicked Cool Ruby Scripts by Steve Pugh

Finding the Payload Space

I mentioned that the payload space variable was critical to our exploit. The next step in development is to define the payload. To do this, we first need to find out how much space is available to play with. The more space we have, the more options we have for how much capability we can fit into our payloads. There are 104 payloads in MSF 3.1, and each payload is a different size. If the vulnerable program has limited space for us to use, then some of the larger payloads won't work. We also need to know which position on the stack is read as the next instruction right before the program crashes.

During our first two exploit attempts, OllyDbg told us that the next instruction pointer's address was 0x41414141 when the FTP server ...