Spiking and Fuzzing
Spiking is the process of finding which function or command in the vulnerable app is vulnerable to a buffer overflow.
Fuzzing is the process of finding the approximate input size that reaches EIP; it can be in the 100s, 1000s or 10000s, depending on the case.
- On Windows, run the vulnerable application and Immunity Debugger as administrator.
- Attach the vulnerable app in the debugger: File > Attach
- On Linux, connect to the app with nc -nv <window ip> <vuln open port>
- Check the function and enter a big value generated with python3 -c 'print("A" * 5000)'
  (use straight quotes; the command fails with curly quotes). Adjust the 5000 in steps of thousands to find the nearest value that crashes the app.
- The vulnerable function is identified when the app crashes in Immunity Debugger: EIP reads 41414141 and the status changes from Running to Paused
  (0x41 is the ASCII code of 'A').
Note: after every crash, restart Immunity Debugger and reattach the vulnerable app.
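Added example (not part of the original notes): a small Python helper for the crash check described above. It takes the EIP value shown by the debugger, decides whether the fuzz buffer fully or partially overwrote it (0x41 for 'A'), and picks the smallest buffer size in a run of tries that gave a full overwrite. The function names and the sample run are assumptions constructed for this example.

```python
# Crash triage for the "EIP = 41414141" check. Added example, not code
# from the original notes; helper names are hypothetical.

def eip_bytes(eip_hex: str) -> bytes:
    """Turn the 8-hex-digit EIP shown by the debugger into its 4 bytes."""
    value = int(eip_hex, 16)
    if not 0 <= value <= 0xFFFFFFFF:
        raise ValueError("EIP must fit in 32 bits")
    # The debugger prints the most-significant byte first.
    return value.to_bytes(4, "big")


def triage_eip(eip_hex: str, fill: bytes = b"A") -> str:
    """
    Classify a crash by how much of EIP the fuzz data overwrote:
      'full'    - all four bytes equal the fill byte (41414141 for 'A'):
                  the buffer ran past the saved return address
      'partial' - some bytes match: the buffer ended inside the return address
      'none'    - EIP untouched by the fuzz data: crash has another cause
    """
    matched = sum(1 for b in eip_bytes(eip_hex) if b == fill[0])
    if matched == 4:
        return "full"
    if matched > 0:
        return "partial"
    return "none"


def smallest_crashing_size(observations, fill: bytes = b"A"):
    """
    observations: list of (buffer_size, eip_hex) from repeated attach/crash
    cycles; eip_hex is None when the app kept running at that size.
    Returns the smallest size that fully overwrote EIP, or None.
    """
    crashed = [size for size, eip in observations
               if eip is not None and triage_eip(eip, fill) == "full"]
    return min(crashed) if crashed else None


# Constructed sample run: sizes tried in steps of thousands, as in the notes.
SAMPLE_RUN = [(1000, None), (2000, None), (3000, "41414141"), (5000, "41414141")]

if __name__ == "__main__":
    print(triage_eip("41414141"))                # full
    print(triage_eip("00414141"))                # partial
    print(smallest_crashing_size(SAMPLE_RUN))    # 3000
```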