Memory Corruption 1 (Video)
Original Link
read more »Author Archives: Pentester
Exploiting Binaries 1
Binary exploitation is the process of subverting a compiled application such that it violates some trust boundary in a way that is advantageous to you, the attacker. In this module we are going to focus on memory corruption. By abusing vulnerabilities that corrupt memory in software we can often rewrite critical application state information in […]
read more »
EXPLOIT RESEARCH MEGAPRIMER
Description: In this video series, we will learn how to program exploits for various vulnerabilities published online. We will also look at how to use various tools and techniques to find Zero Day vulnerabilities in both open and closed source software.
read more »
Exploit writing tutorial part 1 : Stack Based Overflows
Last friday (july 17th 2009), somebody (nick)named ‘Crazy_Hacker’ has reported a vulnerability in Easy RM to MP3 Conversion Utility (on XP SP2 En), via packetstormsecurity.org. (see http://packetstormsecurity.org/0907-exploits/). The vulnerability report included a proof of concept exploit (which, by the way,� failed to work on my MS Virtual PC based XP SP3 En). Another exploit was released just a little bit […]
read more »
A Stack-based Buffer Overflow
A Stack-based Buffer Overflow Introduction Basic of x86 Architecture Assembly Language Compiler, Assembler & Linker Function Operation Stack Stack Operation Stack based Buffer Overflow Shellcode: The Payload Vulnerability & Exploit Examples Another BOF ‘Research’ TESTING BUFFER OVERFLOW CODE In the following program example, we are going to investigate how the stack […]
read more »
Shellcode Injection
Introduction Here I am going to demonstrate how to gain shell access by overflowing a vulnerable buffer. I shall show it with both ASLR disabled as well as ASLR enabled(for those who don’t know about ASLR, I’ll come to it soon). This post is in continuation with ‘Buffer Overflow Exploit’, which I wrote earlier. You […]
read more »
Buffer-Overflow Vulnerabilities and Attacks
In the PC architecture there are four basic read-write memory regions in a program: Stack, Data, BSS (Block Started by Symbol), and Heap. The data, BSS, and heap areas are collectively referred to as the ”data segment”. In the tutorial titled “Memory Layout And The Stack” [1], Peter Jay Salzman described memory layout in a […]
read more »
Understanding and doing Code Injection in C
Question I am a bit confused in the idea of code injection in C. If somebody could explain it and show how its done I would appreciate it. So lets say in C you have some Char array of size 512 which is being written to the contents of a socket of length 1024, and […]
read more »Buffer Overflow Attack Tutorial By Example
A Buffer Overflow is a flaw by which a program reacts abnormally when the memory buffers are overloaded, hence writing over adjacent memory. It can be triggered by using inputs that may alter the way a program operates,for example <inputting a very large value in a c program which does integer based addition>. A buffer […]
read more »
Stack based buffer overflow ExploitationTutorial
I decided to get a bit more into Linux exploitation, so I thought it would be nice if I document this as a good friend once said “ you think you understand something until you try to teach it “. This is my first try at writing papers. This paper is my understanding of the […]
read more »