Buffer overflow Mona modules all show Rebase SafeSEH ASLR True

Almost every beginners (noob friendly) tutorial written for Stack based buffer overflow explains when using mona module to locate a safe reliable memory address for our EIP to JMP to our shellcode should have Rebase, Safe SEH, ASLR disabled.

enter image description here

However in a recent stack based buffer overflow challenge, all the modules mona provided showed they were protected except for the executable itself.

I used a module (DLL) that had those protections shown by mona to JMP to my shellcode and successfully execute my shellcode which really confused me.

If the executable itself is not protected does that mean we can use any DLL to JMP to our shellcode? if not what is the proper way to handle this situation?

git merge vs rebase

Soy un no iniciado en git, y me surge una duda.

Tenemos un branch MASTER del proyecto en el que estoy desarrollando, y he abierto un branch para realizar cambios locales. Mientras tanto, en el branch MASTER se han realizado commits de otros miembros del proyecto.

Mi pregunta es, cual es el mejor método para incorporar esos cambios a mi branch sin necesidad de actualizar el branch MASTER?

Y una vez terminado mis cambios, como paso mis cambios al branch MASTER? lo pregunto porque en algún caso hemos perdido commits del branch MASTER, desconozco que hicimos mal, pero se perdieron cambios por el camino.


Github gives me the number of commits on my branch. Can I use this as part of git rebase -i arguments?

I am not, and will never be, a git expert, so kindly be gentle.

I have a PR branch which has—Github tells me—let’s say 12 commits on it.

While I’ve been working on this PR, I’ve merged master (the branch it diverged from originally) into it a couple of times. I am planning on squashing all commits down to one before this PR is accepted and merged.

I know that I am going to use git rebase -i to do this. The general area of this question is how to come up with the argument to supply to this command.

Given the merges from master to my PR branch etc. etc., git merge-base doesn’t give me, I don’t think, the right SHA to supply as an argument to git rebase -i. It will, in fact, give me the most recent commit that “came over” from master, instead of the earliest point at which my branch “started”.

I have, of course, read this excellent answer. Its “shell magic” answer works, but I don’t fully understand it, and I don’t like relying on magic I don’t understand.

My question, therefore, is: From my PR branch, can I, instead, use this comparatively simple command: git rebase -i HEAD~12, where 12 is whatever Github tells me is the number of commits on my branch?

Is this number of commits OK to supply after the tilde (~)? Is this a reliable, relatively brain-dead-easy thing to do? Or will I trip myself up on yet another inscrutable git option or convention?