Questions
Answer the following questions to test your knowledge of this chapter:
- Fuzzing is one of the more popular attacks because it results in shellcode execution. (True | False)
- Identify the fuzzing points range 4 through 8 in this request:
USER administrator
. - The Exception Offset value in the Windows crash dump is the same value that can be found in __________.Â
- Name Metasploit’s two tools that are used together to find the EIP offset in an overflow.
- An attacker has just discovered that if execution lands at
0x04a755b1
, their NOP sled will be triggered and run down to their Windows shellcode. The vulnerable buffer is 2,056 bytes long and the shellcode is 546 bytes long. They use the following line of code to prepare the shellcode:s = '\x90' * 1510 + buf + '\x04\xa7\x55\xb1'
. Why is this attack bound to fail?