Buffer Overflow Attack – Computerphile
Original Link
read more »
CHECKSEC.SH NOW WITH FORTIFY_SOURCE SUPPORT
New checksec.sh release. What’s new with version 1.4: * Support for FORTIFY_SOURCE (–fortify-file, –fortify-proc) * Lots of other bugfixes and improvements – Check if the readelf command is available – readelf support for 64-bit ELF files – Check if the requested files and directories do exist – ‘–dir’ is now case-sensitive and correctly deals with […]
read more »
Exploit writing tutorial part 1 : Stack Based Overflows
Last friday (july 17th 2009), somebody (nick)named ‘Crazy_Hacker’ has reported a vulnerability in Easy RM to MP3 Conversion Utility (on XP SP2 En), via packetstormsecurity.org. (see http://packetstormsecurity.org/0907-exploits/). The vulnerability report included a proof of concept exploit (which, by the way,� failed to work on my MS Virtual PC based XP SP3 En). Another exploit was released just a little bit […]
read more »
Buffer-Overflow Vulnerabilities and Attacks
In the PC architecture there are four basic read-write memory regions in a program: Stack, Data, BSS (Block Started by Symbol), and Heap. The data, BSS, and heap areas are collectively referred to as the ”data segment”. In the tutorial titled “Memory Layout And The Stack” [1], Peter Jay Salzman described memory layout in a […]
read more »
Buffer Overflow Exploit
Introduction I am interested in exploiting binary files. The first time I came across the buffer overflow exploit, I couldn’t actually implement it. Many of the existing sources on the web were outdated(worked with earlier versions of gcc, linux, etc). It took me quite a while to actually run a vulnerable program on my machine and […]
read more »