We will find the offset using the pattern_create and pattern_offset tools, as we did previously while attaching the vulnerable application to the debugger. Let's see how we can achieve this:
We created a pattern of 10000 characters. Now, let's feed the pattern to the application on port 80 and analyze its behavior in the Immunity Debugger. We will see that the application halts. Let's see the SEH chains by navigating to View from the menu bar and selecting SEH chain:
Clicking on the SEH chain option, we will be ...