HTB Academy - Stack Based Buffer Overflow

I have completed the whole study plan but can’t figure out how to get the answer to this question.
Submit the size of the stack space after overwriting the EIP as the answer. (Format: 0x00000)

Stack Based Buffer Overflows → Generating shellcode

Did you end up figuring it out?

I also have the same question. Can someone help with a hint?

gdb > info proc all

8 Likes

Someone finished this? I need a hint.

I needed to work at the host provided at the question (using VPN). Once the program stopped, I used “info proc all” (that lalinco hints) and looked for stack size. Working at my local machine did not give the correct answer.

@toannds said:

I needed to work at the host provided at the question (using VPN). Once the program stopped, I used “info proc all” (that lalinco hints) and looked for stack size. Working at my local machine did not give the correct answer.

The info should definitely be in info proc all. I have done the exercise and it worked for me.

1 Like

Hello there peoples… as toannds explained, the size stack that comes from the “info proc all” command when executed from your machine gives an incorrect answer; when you do the exact same steps BUT via ssh on the vpn, the “info proc all” command gives the correct size stack. Bugged exercise, any idea how to report this?

@toannds said:

I needed to work at the host provided at the question (using VPN). Once the program stopped, I used “info proc all” (that lalinco hints) and looked for stack size. Working at my local machine did not give the correct answer.

Don't know whether you used the payload with the shellcode. But try using the payload without the shellcode. Just the input so that it will seg fault at the EIP.

This is the best answer, thanks.

1 Like

The info proc all works but the check must be done WITHOUT the shellcode, as explained by kavigihan here. The question is a bit misleading in my opinion and should be clarified in the exercise.

1 Like

This was the most helpful comment I could find. Thank you for posting.
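
The check the replies describe is to read the `[stack]` row of the mapping table that `info proc all` prints once the program has stopped. The script below is an added example, not code from the thread or from HTB. It goes slightly beyond the thread by also accepting `/proc/<pid>/maps` text. The sample text and addresses are constructed, and the function names `stack_size` and `fmt` are hypothetical.

```python
import re

# Constructed sample of the mapping table gdb prints (addresses are made up).
GDB_SAMPLE = """\
Mapped address spaces:

    Start Addr   End Addr       Size     Offset objfile
    0x56555000 0x56556000     0x1000        0x0 /tmp/demo
    0xf7fd0000 0xf7fd2000     0x2000        0x0 [vdso]
    0xfffcc000 0xffffe000    0x32000        0x0 [stack]
"""

# Constructed sample of the same layout in /proc/<pid>/maps format.
MAPS_SAMPLE = """\
56555000-56556000 r-xp 00000000 08:01 131 /tmp/demo
fffcc000-ffffe000 rw-p 00000000 00:00 0 [stack]
"""

# gdb row: start, end and size as 0x-prefixed hex (extra columns are ignored).
GDB_ROW = re.compile(r"^\s*(0x[0-9a-f]+)\s+(0x[0-9a-f]+)\s+(0x[0-9a-f]+)\s", re.I)
# /proc maps row: "start-end" as bare hex.
MAPS_ROW = re.compile(r"^([0-9a-f]+)-([0-9a-f]+)\s", re.I)


def stack_size(text):
    """Return the size in bytes of the [stack] mapping, or None if absent."""
    for line in text.splitlines():
        if not line.rstrip().endswith("[stack]"):
            continue
        m = GDB_ROW.match(line)
        if m:
            start, end, size = (int(x, 16) for x in m.groups())
            # Cross-check gdb's Size column against End - Start.
            if end - start != size:
                raise ValueError("Size column disagrees with End - Start")
            return size
        m = MAPS_ROW.match(line)
        if m:
            return int(m.group(2), 16) - int(m.group(1), 16)
    return None


def fmt(size):
    """Format a size the way the question asks (0x00000)."""
    return f"0x{size:05x}"


if __name__ == "__main__":
    print(fmt(stack_size(GDB_SAMPLE)))
    print(fmt(stack_size(MAPS_SAMPLE)))
```
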