Re: Some help With BOF Exploits Writing. - EAX ?!

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

only changing registers does not make a lot of sense. the thing is:
registers can be thought of as variables. you use them to store data. IF your program uses EAX as a function-pointer, thus doing a jmp EAX, or it stores EAX in some location used for function-pointers, then storing your shellcode-address there would mean that you overwrite the functionpointer  with a pointer to your code. when the jmp or call is done, your code will be executed.
now if it does not, just check what EAX is used for and check if you can't use it in another way, e.g. an integer-overflow or whatever.

you should also check the vuln-dev-challenges. they occured some weeks ago. check out the archives of vuln-dev.

BTW: you should read some basic assembly-books ;)

• - This is a .signature-virus. If you see this, copy it into your .signature! If you don't know what a .signature is, you've most probably been infected by another virus of name Microsoft. In this case, please remove yourself from my fov or infect yourself with linux ;) || GPG public key available
  -----BEGIN PGP SIGNATURE-----
  Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/KWNfWCFHEwXrEHMRAmePAJ43HaFpxKcfz7iyMRv8EllZsFLsBACgjpeM /QMe/li+Tjdtoljdwl76zUY=
=VS+q
-----END PGP SIGNATURE-----
Received on Thu Jul 31 15:48:31 2003