[Academy] Stack-Based Buffer Overflows on Windows x86 Remote Fuzzing

Hello All,

I’m not sure what I am doing wrong here but this is my current issue for a few days now:

For the Remote Fuzzing part, the python script keeps saying that it cannot connect.

I openvpn into the htb academy, I rdp into the target box (after launching).

I run the CloudMe and xdb (with no breakpoints),
cmd $netstat -a and see that the port 8888 is listening.
I then run the script $python3 win3buffer.py on my machine
and get the "Could not establish a connection" message.

I tried running the instance on the site, no luck.
I believe I followed the steps exactly on the remote fuzzing part of the tutorial, but to no luck.

Any suggestions?

[solved]

Okay, I got the flag for this section by guessing.

I want to know why the answer is xxxx?

My fuzzer stopped at 9500, but the answer to the flag is not 9500.

Can somebody tell me how one gets the answer to the flag without guessing?

Thanks in advance!

p.s. I’m sure there’s an easy way to understand this, but I have not figured it out.

John

Don’t forget this line, at the beginning of the fuzz.py file:

import socket

The fuzzer stopped at 9500 because of our script's “for i in range (0,10000,500)”, but that question refers to “What is the payload size that overwrites the EIP?”

Correct me if I’m wrong but it’s what I understand. Thank you.
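
The point made in the reply above, as an added example that is not part of any post in this thread: a fuzzer stepping in 500-byte increments can only bracket the size at which the service fails, and 9500 is simply the last value `range(0, 10000, 500)` produces. The target here is simulated in-process, and `make_target`, `fuzz` and the limit of 1234 are constructed for illustration (not the answer to the exercise).

```python
# Added illustration: the target is simulated in-process, no network traffic.
CONSTRUCTED_LIMIT = 1234  # constructed value, not the answer to the exercise


def make_target(limit):
    """Stand-in for a service that dies after receiving more than `limit` bytes."""
    state = {"alive": True}

    def send(payload):
        if not state["alive"]:
            # What the client sees once the service is gone.
            raise ConnectionRefusedError("Could not establish a connection")
        if len(payload) > limit:
            # The oversized send itself still succeeds from the client's side.
            state["alive"] = False

    return send


def fuzz(send, start=0, stop=10000, step=500):
    """Return (largest size known to survive, size that caused the crash)."""
    delivered = []
    for size in range(start, stop, step):
        try:
            send(b"A" * size)
        except ConnectionError:
            if not delivered:
                return (None, None)  # service was never reachable
            survived = delivered[-2] if len(delivered) > 1 else None
            return (survived, delivered[-1])
        delivered.append(size)
    # No failure seen: the loop simply ran out of sizes. The last value of
    # range(0, 10000, 500) is 9500, whatever the target did.
    return (delivered[-1], None)


if __name__ == "__main__":
    print(fuzz(make_target(CONSTRUCTED_LIMIT)))  # (1000, 1500)
    print(fuzz(make_target(50000)))              # (9500, None)
```

With the constructed limit, the loop reports only that the failure lies somewhere above 1000 and at or below 1500; the step size sets how coarse that bracket is.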