Posts

Showing posts from April, 2018

Bypass ASLR+NX Part 2

Hi guys, today we will continue with ways to bypass ASLR and NX. If you don't know what these mean, please read Part 1, where we found a way to control EIP. In this part we will focus on another technique called Ret2eax. Before explaining it, we need to understand what EAX is and what its purpose is in a program. EAX is a general-purpose register used in arithmetic calculations; it stores the results of arithmetic operations and function return values. For example, the C library function strcpy returns a pointer to the destination buffer, and that pointer is left in EAX even if the caller never assigns the return value to anything. We will take as an example a login system that uses strcmp to compare two strings: it returns 0 if the two strings are the same and 1 if they are not equal. Run this simple program: the user enters a password and it is compared using strcmp. Notice that we compare the result of strcmp to 0; if the condition is true, i.e. strcmp returned 0, it prints "you Login in", else "Ops LOL". Now we are going to open the program in g

Bypass ASLR+NX Part 1

Hi guys, today I will explain how to bypass the ASLR and NX mitigation techniques. If you don't have any knowledge about ASLR and NX you can read about them in the links above; I will explain them here, but not in depth. ASLR (Address Space Layout Randomization): it's a mitigation technique that prevents memory exploitation by randomizing addresses instead of keeping them fixed. As we saw in the basic buffer overflow exploit, you need to put the start of the buffer in EIP and redirect execution to your shellcode, but when the address is random it becomes hard to guess where the buffer starts. The randomization is not only applied to shared library addresses; we find ASLR in stack addresses and heap addresses too. NX (Non-Executable): it's another mitigation used to prevent memory from executing any machine code (shellcode). As we saw in the basic buffer overflow, you put shellcode on the stack and redirect EIP to the beginning of the buffer to execute it, but that will not work here. This mitigation can be bypassed by the Ret2libc exploit technique, which uses a function inside the binary and passes it to s