Understanding Shikata Ga Nai, NOP sleds, and why my shellcode triggers an access violation in the debugger

I started writing this article while preparing for the pre-2023 OSCP exam, which at the time contained a buffer overflow exploit development. While practicing, I stumbled on a quite curious problem. I went through all the steps to build my exploit, I had the right return address, offsets, bad characters… everything had been done correctly.…