The size of the values you use for both the buffer and the offset should be no larger than 3000 (at least, I don't have any reports of a successful exploit of that size). You should use this information to keep from spending too much time trying larger and larger values.

Depending on how you construct your exploit code, you may need to use a negative value for an offset. At least one student has had to do so.


Last Modified: March 15, 2011 - Benjamin A. KupermanVI Powered