Needles in heaps, allocator primitives, posts, tutorials, papers, research notes ...

Your search for

resolved the following candidate gadgets:

Death of an ftp client / Birth of Metasploit modules

corelanc0d3r October 12, 2010
Over the past few weeks, Corelan Team has given its undivided attention to fuzzing ftp client applications. Using a custom built ftp client fuzzer, now part of the Metasploit framework, the team has audited several ftp clients and applications that use an embedded client ftp component. One example of such an application is a tool that would synchronize / backup data from a computer to a remote ftp server. The 3 main audit/attack vectors that were used during the "project" were send back overly long responses to ftp commands / requests sent by the ftp client to the server send back a file/directory listing that contains overly long file/folder names try to download a file that has an overly long filename. Read more

QuickZip Stack BOF 0day: a box of chocolates

corelanc0d3r March 27, 2010

Over the last couple of weeks, ever since I published 2 articles on the Offensive Blog, I have received many requests from people asking me if they could get a copy of those articles in pdf format.  My blog Read more

Backtrack 4 cheat sheet

corelanc0d3r July 4, 2009

Download backtrack from http://www.remote-exploit.org/backtrack_download.html. Current version at the time of writing is BT4 Pre-Final.This document is based on BT4 pre-final. Ergo, some of the instructions below may not work with other versions of BT.

FYI : An excellent guide Read more