November 29th, 2004, 07:50 AM
#1
Senior Member
exploitation need help
Recently I have been studying exploitation, making shellcodes and writing an exploit to use that exploit.
What I found out is that it is actually easier to write exploits for Linux, but not so for Windows.
I have been spending a lot of time on how to write exploits but I am not succeeding, I dunno why...
I tried all the nice tuts on the net for Windows exploits but can't find one... not for Windows.
http://phrack.org/show.php?p=55&a=15
http://jikos.jikos.cz/remotesploits.html
http://www.cosc.brocku.ca/~cspress/H..._class.html#18
http://www.donews.net/zwell/articles/159199.aspx
The last link is about the difference between Windows and Linux exploits,
and there is also a Phrack article about advanced Windows shellcodes:
http://phrack.org/show.php?p=62&a=7
I don't really understand the structure of Windows shellcodes and offsets, the use of offsets. I have written a simple server program and am trying to crash it by sending a buffer of length more than 2020 (in fact it is one of a series of server programs that I wrote in the last ten days).
What you basically need to do is to overwrite EIP to point to your shellcode.
The buffer sent by me is stored in the ecx register,
so I have to find a location in the loaded DLLs where there is a call like `call ecx`.
I found one such call in GDI32.dll.
Now I send a buffer starting with NOPs, then the shellcode, then at buffer[2019] I store the address of `call ecx` in order to execute the shellcode (as it is pushed in ecx).
I don't know what's wrong, but the shellcode is not executing. I was just wondering what offsets are (as used in WebDAV exploits) and how the return address should be placed in the buffer.
I will appreciate any help or links, as I really need that. I googled a lot but don't think I got enough material there.