A couple of days ago, I released a small Perl script to back up Cisco IOS based switches via telnet.
I know there are a couple of similar scripts available on the internet, but most of them either Read more
Just wanted to drop a quick note about the release of another free script. This time I've written a simple FTP fuzzer (with a little help from HDMoore) in Metasploit. You can read more about it (and download the Read more
In all previous tutorials in this Exploit writing tutorial series, we have looked at building exploits that would work on Windows XP / 2003 server.
The success of all of these exploits (whether they are based on direct Read more
Found this link on twitter - a very interesting read indeed :
http://www.geoffchappell.com/viewer.htm?doc=notes/windows/license/memory.htm
In the first parts of this exploit writing tutorial, I have mainly used Windbg as a tool to watch registers and stack contents while evaluating crashes and building exploits. Today, I will discuss some other debuggers and debugger plugins Read more
Just a quick note to let you know that 2 Japanese scientists (from Hiroshima and Kobe Universities) have found a practical way to crack WPA TKIP in about one minute, using a technique called "Beck-Tews". This technique is not Read more
In the first parts of the exploit writing tutorial, I have discussed some common vulnerabilities that can lead to 2 types of exploits : stack based buffer overflows (with direct EIP overwrite), and stack based buffer overflows that take Read more
In the previous tutorial post, I have explained the basics of SEH based exploits. I have mentioned that in the most simple case of an SEH based exploit, the payload is structured like this :
[Junk][next SEH][SEH][Shellcode]
I Read more
In the first 2 parts of the exploit writing tutorial series, I have discussed how a classic stack buffer overflow works and how you can build a reliable exploit by using various techniques to jump to the shellcode. The Read more
In one of my previous posts (part 1 of writing stack based buffer overflow exploits), I have explained the basics about discovering a vulnerability and using that information to build a Read more