Please, let me understand where is my fault. I’ve been stuck on the final epilogue for a long time
ALARM SPOILER
I have detect the exact offset for write the EIP register.
When I execute a function, I can see the value 44434241, this is DCBA, because a Little Endian read in this mode and this confirm the correct position of the shellcode (Please, correct me if I say something wrong).
Later, I have created a shellcode for execution a calc of Windows (whit epurate 0x00 bad char).
msfvenom -p 'windows/exec' CMD='calc.exe' -f 'python' -b '\x00'
Now, I find a JMP ESP address in function funcs.dll and I found 621014E3
So, I modify my payload whith BUFFER, EIP, NOP and SHELLCODE
But when launch a function exploit() I see the values change in the registers but nothing happens. What am I doing wrong?
