In all previous tutorials in this Exploit writing tutorial series, we have looked at building exploits that would work on Windows XP / 2003 server.
The success of all of these exploits (whether they are based on direct Read more
Found this link on twitter - a very interesting read indeed :
http://www.geoffchappell.com/viewer.htm?doc=notes/windows/license/memory.htm
In the first parts of this exploit writing tutorial, I have mainly used Windbg as a tool to watch registers and stack contents while evaluating crashes and building exploits. Today, I will discuss some other debuggers and debugger plugins Read more
Just a quick note to let you know that 2 Japanese scientists (from Hiroshima and Kobe Universities) have found a practical way to crack WPA TKIP in about one minute, using a technique called “Beck-Tews”. This technique is not Read more
In the first parts of the exploit writing tutorial, I have discussed some common vulnerabilities that can lead to 2 types of exploits : stack based buffer overflows (with direct EIP overwrite), and stack based buffer overflows that take Read more
In the previous tutorial post, I have explained the basics of SEH based exploits. I have mentioned that in the most simple case of an SEH based exploit, the payload is structured like this :
[Junk][next SEH][SEH][Shellcode]
I Read more
In the first 2 parts of the exploit writing tutorial series, I have discussed how a classic stack buffer overflow works and how you can build a reliable exploit by using various techniques to jump to the shellcode. The Read more
In one of my previous posts (part 1 of writing stack based buffer overflow exploits), I have explained the basics about discovering a vulnerability and using that information to build a Read more
Last Friday (July 17th 2009), somebody (nick)named ‘Crazy_Hacker’ has reported a vulnerability in Easy RM to MP3 Conversion Utility (on XP SP2 En), via packetstormsecurity.org. (see http://packetstormsecurity.org/0907-exploits/). The vulnerability report included a proof of concept exploit (which, by Read more
Insecure.org has released a new major version of the free, open source “nmap” security scanner. (Don’t just call nmap a port scanner - Thanks to many improvements over the last years, nmap has become an excellent security scanner).
Visit Read more