eteran / edb-debugger

edb is a cross-platform AArch32/x86/x86-64 debugger.
GNU General Public License v2.0

edb debugger giving normal application exit message when the application has crashed #835

Closed OldSchoolHackerGit closed 1 year ago

OldSchoolHackerGit commented 1 year ago

Hi,

I am working on a program for pentesting preparation and know the value at which it should crash. I am seeing that edb debugger is not giving a segmentation fault but rather exiting normally. Need to check the issue. Thanks in advance.

Also it was not finding the JMP ESP instruction as in this issue --> https://github.com/eteran/edb-debugger/issues/723

I tried re-installing using the steps given here and found an error relating to qt5-default.

https://github.com/eteran/edb-debugger/wiki/Installing.

Need some assistance in resolving the error or removing edb completely & re-installing from scratch.

10110111 commented 1 year ago

How do you know the app really crashes?

OldSchoolHackerGit commented 1 year ago

> How do you know the app really crashes?

Thanks for responding.

Because I added a segmentation fault in it by overwriting the EIP. At some point in time edb was reporting it correctly, then stopped working.

10110111 commented 1 year ago

> I tried re-installing using the steps given here and found an error relating to qt5-default.

What is the source of your qt5-default and qtbase5-dev? What is your distribution?

```
apt show qt5-default qtbase5-dev
cat /etc/lsb-release
cat /etc/issue
```

OldSchoolHackerGit commented 1 year ago

> apt show qt5-default qtbase5-dev
> cat /etc/lsb-release
> cat /etc/issue

File1.txt

Attaching requested files, I'm not very familiar with Linux so please don't hesitate to let me know in case some of the commands are to be run differently. Also I am able to identify the reason for the app not crashing, so edb was correctly identifying a good exit and your comment let me think over it. Thanks for that. The problem was that it was looking for a particular file and that edb has to be run from the directory where the app is placed, referencing does not work which is weird. I've reported it to the developers.

Now moving on, I am trying to understand why opcode searcher is not picking jmp esp instruction, which is similar to the other issue I've marked initially. I also installed via apt, is there still a problem that installation needs to be carried out via GIT path? Much appreciate your time into it.

10110111 commented 1 year ago

Text should never be posted as images, at least if the goal is not to show how it's rendered: it's not possible to copy and paste it easily.

> Package: qt5-default
> Version: 5.7.1+dfsg-3+deb9u3
> ...
> APT-Sources: /var/lib/dpkg/status

This seems to imply that you have somehow installed a very old version of qt5-default (maybe years ago), and the current version from the repository is incompatible with it. Try removing this package, and see if it drags something else with it (apt will ask you whether you want to continue if you don't force "yes" answers, so you can check before removing too much).

> Now moving on, I am trying to understand why opcode searcher is not picking jmp esp instruction, which is similar to the other issue I've marked initially. I also installed via apt, is there still a problem that installation needs to be carried out via GIT path?

There might be a problem if the version of EDB that you have installed is older than the commit that fixed issue #723 that you linked to. You can check EDB version either by edb --version, or by apt show edb (substitute edb with the actual name of the package here).
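
The `APT-Sources: /var/lib/dpkg/status` diagnosis from the comment above, as an added example that is not part of the original thread: it scans `apt show` output for stanzas whose only source is the local dpkg database. The function names are hypothetical, and the qtbase5-dev stanza (version and repository URL) is constructed for illustration; the qt5-default fields are the ones quoted in the thread.

```shell
#!/bin/sh
# Added example (not from the thread): list packages that `apt show` reports
# with APT-Sources pointing at the local dpkg status file, i.e. the stanza
# shown comes from what is installed rather than from a configured repository.

# Reads `apt show` output on stdin and prints "name version" for every stanza
# whose APT-Sources field is /var/lib/dpkg/status.
local_only_packages() {
    awk '
        function emit() {
            if (pkg != "" && src == "/var/lib/dpkg/status") print pkg, ver
            pkg = ""; ver = ""; src = ""
        }
        /^Package:/     { emit(); pkg = $2 }   # new stanza starts
        /^Version:/     { ver = $2 }
        /^APT-Sources:/ { src = $2 }
        /^[ \t]*$/      { emit() }             # blank line ends a stanza
        END             { emit() }
    '
}

# Constructed sample input. Only the qt5-default Package/Version/APT-Sources
# values come from the thread; everything else is made up.
sample_apt_show() {
    cat <<'EOF'
Package: qt5-default
Version: 5.7.1+dfsg-3+deb9u3
APT-Sources: /var/lib/dpkg/status
Description: constructed stanza

Package: qtbase5-dev
Version: 0.0.0-constructed
APT-Sources: http://repo.example/debian stable/main amd64 Packages
Description: constructed stanza
EOF
}

# On a real system, feed it live output instead:
#   apt show qt5-default qtbase5-dev 2>/dev/null | local_only_packages
sample_apt_show | local_only_packages
```

A package listed here is a candidate for the removal step suggested in the comment; review what apt proposes to remove before confirming.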

OldSchoolHackerGit commented 1 year ago

Thanks for your time into this. After long hours of troubleshooting, I identified the problem to be with the program I was attaching the debugger to and reported accordingly. This is resolved for me now.