Exploit

  • Nov 30, 2016

There are several ways to find an exploitable vulnerability in a server. One way is fuzzing. The following steps may help you develop a Windows exploit, using a program that deliberately has a simple buffer overflow vulnerability.

  • Preparing a vulnerable server

  • Fuzzing the server

  • Using a debugger to examine the crash

  • Targeting the EIP register

  • Identifying bad characters

  • Locating a vulnerable module with MONA

  • Generating exploit code with msfpayload

  • Creating final exploit code

Tools to be used:

  • Kali machine

  • Windows machine

  • Immunity Debugger

  • Basic Python Scripting

  • Vulnserver software


 
 
 
