3. Spiking
It is the process of finding what commands crashes a particular program.
For instance take this vulnserver commands
We will take each command one at a time and try to see what command overflows the buffer if we send a bunch of characters at it.
generic_send_tcp
Spike Script
Name the file as
file.spk
File Format
Change "STATS" to the command that you want to test
If we run the generic_send_tcp
command and to find the vulnerable command, if the immunity debugger pauses and crashes, it means that the command is vulnerable
You will see that ESP, EBP and EIP registers will be overwritten with As (4141...)
Last updated