Posts: (234)

BruCON 2010 : Day 0x1

After hearing a lot of great things about the first edition of BruCON (in 2009), I decided to attend the con this year. The fact that BruCON is gaining popularity and established a lot of recognition in the industry ...

DLL Hijacking (KB 2269637) - the unofficial list

This page hosts an unofficial list of applications that are said to be vulnerable to the DLL hijacking flaw (or feature or whatever you want to call it). Note that I did not test these applications myself.

If you ...

Exploit notes - win32 eggs-to-omelet

In article 8 of my exploit writing series, I have introduced the concept of egg hunters, and explained what an omelet hunter is and how it works.

Today, I want to share with you my own eggs-to-omelet implementation, explain ...

Cisco VoIP Phones – A Hackers Perspective

Introduction

In the world of VoIP phones, each person may look at them differently. For some, an annoyance that sits on their desk, or maybe for some it is simply a part of their job either deploying them or ...

WATOBO – the unofficial manual

WATOBO is intended to enable security professionals to perform highly efficient (semi-automated) web application security audits. I am convinced that the semi-automated approach is the best way to perform an accurate audit and to identify most of the vulnerabilities.

How strong is your fu 2 - the report

For anyone interested, this is _sinn3r's and tecr0c's writeup of the steps they took to own 4 out of the 5 machines in last weekend's HSIYF - Hacking for Charity cyber hacking challenge ...

How strong is your fu : Hacking for charity

Last weekend, Offensive Security hosted their second cyber hacking challenge, called "HSIYF For Charity".

The goal of this challenge was to raise money for Johnny Long's "Hackers for Charity" project, a charity organization that tries to feed ...

Exploit writing tutorial part 10 : Chaining DEP with ROP - the Rubik's[TM] Cube

About 3 months after finishing my previous exploit writing related tutorial, I finally found some time and fresh energy to start writing a new article. In the previous tutorials, I have explained the basics of stack based overflows and how they can lead to arbitrary code execution. I discussed direct RET overflows, SEH based exploits, Unicode and other character restrictions, the use of debugger plugins to speed up exploit development, how to bypass common memory protection mechanisms and how to write your own shellcode. While the first tutorials were really written to learn the basics about exploit development, starting from scratch (targeting people without any knowledge about exploit development) you have most likely discovered that the more recent tutorials continue to build on those basics and require solid knowledge of asm, creative thinking, and some experience with exploit writing in general. Today's tutorial is no different. I will continue to build upon everything we have seen and learned in the previous tutorials. Today I will talk about ROP and how it can be used to bypass DEP (and ASLR)...

Offensive Security Hacking Tournament - How strong was my fu ?

Hi,

Over the last 2 days my friends from Corelan Team and I participated in a Hacking Tournament, organized by Offensive Security. The primary goals of the tournament are:

corelanc0d3r interviewed by Slo-Tech

Introduction: We continue our series of interviews with a slightly »unusual« talk this time: Peter Van Eeckhoutte may be unknown to readers who don't follow the InfoSec scene on a daily basis. But he is well known to ...