Hi there ,
I have following problem. I am trying to exploit easyfile ftp server and I am considering an NSEH/SEH approach to the exploit.
I am on a Windows 10 box, where Kali 2.2018 is running in a virtual machine.
The problem is that just after SEH there are some ,maybe 4 Null Bytes on the stack and I cannot just jump over them with “\xeb\x06\x90\x90”.
Here is a picture :
Double-Check the badchars, SEH, shellcode and try it without any AV.
Is your listener running? Right listening port?
You should exactly understand how the stack is filled. Do not speculate. Be sure.
Set a breakpoint and follow the ESP in dump step by step and take a closer look how the bytes will be changed.
Keep trying!
