Monthly Archives: July 2011

Metasploit Bounty – the Good, the Bad and the Ugly

Published July 27, 2011 | By Corelan Team (Lincoln)

On June 14, 2011 HD Moore announced the Metasploit Bounty contest, offering a cash incentive for specific vulnerabilities to be submitted as modules in the Metasploit Framework. Titled “30 exploits, $5000 in 5 weeks”, a post on the Rapid7 blog lists the 30 “bounties” selected by the MSF team, waiting for someone to claim and submit a working exploit module.
Continue reading

Posted in 001_Security, Exploits | Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

mona.py – the manual

Published July 14, 2011 | By Peter Van Eeckhoutte (corelanc0d3r)

This document describes the various commands, functionality and behaviour of mona.py.

Released on june 16, this pycommand for Immunity Debugger replaces pvefindaddr, solving performance issues and offering numerous new features. pvefindaddr will still be available for download until all of its functionality has been ported over to mona.
Continue reading

Posted in 001_Security, Exploit Writing Tutorials | Tagged , , , , , , , , , , , , , , , , , , ,

ROP your way into B-Sides Las Vegas 2011

Published July 12, 2011 | By Peter Van Eeckhoutte (corelanc0d3r)

Ahh.. Vegas.. What happens in Vegas, stays in Vegas right ?

With a variety of cons ahead (BlackHat, Defcon, B-Sides, …) there is plenty of things that can and will happen at Vegas. Will you be there to witness & enjoy it ?

Getting to Vegas is just one part of the story. Getting access to one of the cons is the second part, but in case of B-Sides, there are no tickets left anymore.
So, in case you were not able to get one of the free tickets to B-Sides LV, there’s good news !

We have 2 tickets for B-Sides LV (august 3 & 4, 2011)… and we’re giving them away…but not without a little ‘battle’…
Continue reading

Posted in Cons and Seminars | Tagged , , , , , , , , , , , , , , , , , , ,

Universal DEP/ASLR bypass with msvcr71.dll and mona.py

Published July 3, 2011 | By Peter Van Eeckhoutte (corelanc0d3r)

Over the last few weeks, there has been some commotion about a universal DEP/ASLR bypass routine using ROP gadgets from msvcr71.dll (written by Immunity Inc) and the fact that it might have been copied into an exploit submitted to Metasploit as part of the Metasploit bounty.

I’m not going to make any statements about this, but the ROP routine itself looks pretty slick.
Continue reading

Posted in 001_Security, Exploit Writing Tutorials, Exploits | Tagged , , , , , , , , , , , , , , , , , , ,

Corelan Training

We have been teaching our win32 exploit dev classes at various security cons and private companies & organizations since 2011

Check out our schedules page here and sign up for one of our classes now!

Donate

Want to support the Corelan Team community ? Click here to go to our donations page.

Want to donate BTC to Corelan Team?



Your donation will help funding server hosting.

Corelan Team Merchandise

You can support Corelan Team by donating or purchasing items from the official Corelan Team merchandising store.

Protected by Copyscape Web Plagiarism Tool

Corelan on Slack

You can chat with us and our friends on our Slack workspace:

  • Go to our facebook page
  • Browse through the posts and find the invite to Slack
  • Use the invite to access our Slack workspace

    • Categories

    Mastodon: @corelanc0d3r | @corelan


    Copyright Peter Van Eeckhoutte © 2007 - 2024 | All Rights Reserved | Terms of use