HTB academy - Linux buffer overflows

Hi all,
I am working on the academy for stack-based buffer overflows for linux. I went through the entire module multiple times but I get stuck at the point where the actual code should run and give me a reverse shell.

The last try I just copied the commands as they were provided in the walkthrough but it doesn’t work. When I check only part of my shellcode is executed.

On the left you see the executed command (highlighted in yellow where the issue is). On the right you see what actually is executed. So after the /x04/x03 is executes other code then my shellcode.

Can anybody give me a hint in the right direction? :slight_smile:

The issue seems to be with my EIP pointer. It gets another value then the one I provide. when I make it all /xff the EIP is overwritten correctly but any other value does not go through correctly. I tried multiple return addresses that contain my NOPS.

I haven’t done the module yet, but I have had a few run ins with BOFs. Have you triple checked bad characters? That seems to be the step that always screws me over.

Hi onthesauce, thanks for your reply. I did indeed check the bad characters, it is part of the module :slight_smile:

I finally found the issue after stepping away from the computer a couple of hours. Let me just say I was completely looking in the wrong direction for the issue. I did just a little bit to much copy paste from the examples.

Great module by the way, this was my first contact with buffer overflows :smiley:

No worries! Haha, I have definitely done the same thing. Lesson learned.