Search Results for: pat
Corelan Team Membership
This page outlines the process/procedure and rules on how to become a Corelan Team Member, and what rules to follow if you want to remain a Corelan Team member. How to become a Corelan Team Member ? 1. Don’t beg. Don’t solicit. You need to be invited/contacted by a Corelan Team Member. 2. You will […]
Offensive Security Hacking Tournament – How strong was my fu ?
Hi, Over the last 2 days my friends from Corelan Team and I participated in a Hacking Tournament, organized by Offensive Security. The primary goals of the tournament are : be the first one to grab “secret” information from a machine and post it to the Tournament Control Panel. document your findings and submit them […]
Blackhat Europe 2010 Barcelona – Day 10
I got up early this morning, trying to be sharp and well prepared for day 2 of the BlackHat briefings. As some of you may know, I’m not really a morning person, so I usually need some time to wake up and wait until all components in my body start functioning again. After one day […]
Blackhat Europe 2010 Barcelona – Day 01
As some of you might know, I am currently attending Blackhat Europe (hosted in Barcelona this year). So I wanted to take the opportunity to fill you in on the details of this first day of briefings, and provide you with a short overview of the presentations I have attended today. I am most certainly […]
Exploiting Ken Ward Zipper : Taking advantage of payload conversion
In the article I wrote on the abysssec.com website, I explained the steps and techniques needed to build a working exploit for Ken Ward’s zipper. One of the main difficulties I had to overcome when building the exploit, was the character set limitation. I basically could only use a subset of the ascii characters (only […]
QuickZip Stack BOF 0day: a box of chocolates
Over the last couple of weeks, ever since I published 2 articles on the Offensive Blog, I have received many requests from people asking me if they could get a copy of those articles in pdf format. My blog does not include a pdf generator, but it has a “print” button, so you can get […]
Exploit writing tutorial part 9 : Introduction to Win32 shellcoding
Over the last couple of months, I have written a set of tutorials about building exploits that target the Windows stack. One of the primary goals of anyone writing an exploit is to modify the normal execution flow of the application and trigger the application to run arbitrary code… code that is injected by the […]
Starting to write Immunity Debugger PyCommands : my cheatsheet
When I started Win32 exploit development many years ago, my preferred debugger at the time was WinDbg (and some Olly). While Windbg is a great and fast debugger, I quickly figured out that some additional/external tools were required to improve my exploit development experience. Despite the fact that the command line oriented approach in windbg […]
Exploit writing tutorial part 8 : Win32 Egg Hunting
Introduction Easter is still far away, so this is probably the right time to talk about ways to hunting for eggs (so you would be prepared when the easter bunny brings you another 0day vulnerability) In the first parts of this exploit writing tutorial series, we have talked about stack based overflows and how they […]
Corelan Vulnerability Disclosure Policy
Corelan Vulnerability Disclosure Policy This document describes the security vulnerability disclosure policy of Corelan Team. It is the official policy of Corelan Team members (referred to as “us” or “we” hereafter) to exercise the responsible/coordinated disclosure of security vulnerabilities in a manner which is of maximum value to all affected parties. Corelan reserves the right […]
Donate
Your donation will help funding server hosting.
