up vote55down votefavorite 35 I’m working on a homework problem that requires disabling compiler optimization protection for it to work. I’m using gcc 4.4.1 on ubuntu linux, but can’t figure out which flags are are the right ones. I realize it’s architecture dependant – my machine runs w/ 32-bit Intel processor. Thanks. c gcc buffer-overflow compiler-optimization 6 Answers activeoldestvotes up […]
read more »
New checksec.sh release. What’s new with version 1.4: * Support for FORTIFY_SOURCE (–fortify-file, –fortify-proc) * Lots of other bugfixes and improvements – Check if the readelf command is available – readelf support for 64-bit ELF files – Check if the requested files and directories do exist – ‘–dir’ is now case-sensitive and correctly deals with […]
read more »Binary exploitation is the process of subverting a compiled application such that it violates some trust boundary in a way that is advantageous to you, the attacker. In this module we are going to focus on memory corruption. By abusing vulnerabilities that corrupt memory in software we can often rewrite critical application state information in […]
read more »
Description: In this video series, we will learn how to program exploits for various vulnerabilities published online. We will also look at how to use various tools and techniques to find Zero Day vulnerabilities in both open and closed source software.
read more »
Last friday (july 17th 2009), somebody (nick)named ‘Crazy_Hacker’ has reported a vulnerability in Easy RM to MP3 Conversion Utility (on XP SP2 En), via packetstormsecurity.org. (see http://packetstormsecurity.org/0907-exploits/). The vulnerability report included a proof of concept exploit (which, by the way,� failed to work on my MS Virtual PC based XP SP3 En). Another exploit was released just a little bit […]
read more »
A Stack-based Buffer Overflow Introduction Basic of x86 Architecture Assembly Language Compiler, Assembler & Linker Function Operation Stack Stack Operation Stack based Buffer Overflow Shellcode: The Payload Vulnerability & Exploit Examples Another BOF ‘Research’ TESTING BUFFER OVERFLOW CODE In the following program example, we are going to investigate how the stack […]
read more »
Introduction Here I am going to demonstrate how to gain shell access by overflowing a vulnerable buffer. I shall show it with both ASLR disabled as well as ASLR enabled(for those who don’t know about ASLR, I’ll come to it soon). This post is in continuation with ‘Buffer Overflow Exploit’, which I wrote earlier. You […]
read more »
