Introduction

Steps

  • Spiking (Find a vulnerable part of a program)

  • Fuzzing (Send a bunch of characters to the program and see if we can break it)

  • Finding the offset (Find the exact point at which our program breaks)

  • Overwrite the EIP (Set which instruction is executed next)

  • Finding the right module to jump to ESP

  • Finding bad characters (Make sure our exploitation does not break the program)

  • Generating Shellcode (Create malicious code to be executed in the program)

Be inside!!

Attach tasks in Immunity Debugger

  1. Install it

  2. Open it as Administrator

  3. Menu part:

    1. File

    2. Attach (or Ctrl + F1)

    3. Select the process to attach

    4. Click on Attach

    5. In the bottom right corner we see Paused; click the ▶️ button in the menu. The status at the bottom now shows Running.

    6. That's it
