Posts:

Exploit writing tutorial part 9 : Introduction to Win32 shellcoding

Over the last couple of months, I have written a set of tutorials about building exploits that target the Windows stack. One of the primary goals of anyone writing an exploit is to modify the normal execution flow of Read more


Starting to write Immunity Debugger PyCommands : my cheatsheet

When I started Win32 exploit development many years ago, my preferred debugger at the time was WinDbg (and some Olly). While Windbg is a great and fast debugger, I quickly figured out that some additional/external tools were required to Read more


Exploit writing tutorial part 8 : Win32 Egg Hunting

Introduction

Easter is still far away, so this is probably the right time to talk about ways to hunt for eggs (so you would be prepared when the easter bunny brings you another 0day vulnerability)

In the first parts Read more


Exploit writing tutorial part 7 : Unicode – from 0x00410041 to calc

Finally … after spending a couple of weeks working on unicode and unicode exploits, I’m glad and happy to be able to release this next article in my basic exploit writing series : writing exploits for stack based unicode Read more


Str0ke R.I.P. (or alive & kicking ?)

I received a very sad message this morning that str0ke (milw0rm) passed away yesterday.

I sincerely hope this is some (bad and morbid) joke, but if it’s not then all I can say is that this is Read more


Metasploit Project acquired by Rapid7

Just a few moments ago, Neil Roiter has reported on SearchSecurity that The Metasploit Project (and the Metasploit Framework) has been acquired by Rapid7, a network vulnerability management vendor. This news has been confirmed by Rapid7 (see website) Read more


Fuzzing with Metasploit : Simple FTP fuzzer

Just wanted to drop a quick note about the release of another free script. This time I’ve written a simple FTP fuzzer (with a little help from HDMoore) in Metasploit. You can read more about it (and download the Read more


Exploit writing tutorial part 6 : Bypassing Stack Cookies, SafeSeh, SEHOP, HW DEP and ASLR

Introduction

In all previous tutorials in this Exploit writing tutorial series, we have looked at building exploits that would work on Windows XP / 2003 server.

The success of all of these exploits (whether they are based on direct Read more


Exploit writing tutorial part 5 : How debugger modules & plugins can speed up basic exploit development

In the first parts of this exploit writing tutorial, I have mainly used Windbg as a tool to watch registers and stack contents while evaluating crashes and building exploits. Today, I will discuss some other debuggers and debugger plugins Read more


WPA TKIP cracked in a minute – time to move on to WPA2

Just a quick note to let you know that 2 Japanese scientists (from Hiroshima and Kobe Universities) have found a practical way to crack WPA TKIP in about one minute, using a technique called “Beck-Tews”. This technique is not Read more
