[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Exploit writing tutorials

To: "bugtraq@xxxxxxxxxxxxxxxxx" <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: Exploit writing tutorials
From: Peter Van Eeckhoutte <peter.ve@xxxxxxxxxx>
Date: Tue, 10 Nov 2009 23:26:09 +0100

Hi all,

Just wanted to share the following links/tutorials on writing windows (stack 
based) exploits :

* Stack based overflows (direct RET overwrite) :
(Tutorial Part 1)
http://www.corelan.be:8800/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/

* Jumping to shellcode :
(Tutorial Part 2)
http://www.corelan.be:8800/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/

* Stack based overflows - SEH
(Tutorial Part 3)
http://www.corelan.be:8800/index.php/2009/07/25/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-3-seh/

* Stack based overflows - SEH part 2
(Tutorial Part 3b)
http://www.corelan.be:8800/index.php/2009/07/28/seh-based-exploit-writing-tutorial-continued-just-another-example-part-3b/

* Writing Metasploit exploits
(Tutorial Part 4)
http://www.corelan.be:8800/index.php/2009/08/12/exploit-writing-tutorials-part-4-from-exploit-to-metasploit-the-basics/

* Using debuggers to speed up exploit development
(Tutorial Part 5)
http://www.corelan.be:8800/index.php/2009/09/05/exploit-writing-tutorial-part-5-how-debugger-modules-plugins-can-speed-up-basic-exploit-development/

* Bypassing Stack Cookies, Safeseh, NX/DEP and ASLR
(Tutorial Part 6)
http://www.corelan.be:8800/index.php/2009/09/21/exploit-writing-tutorial-part-6-bypassing-stack-cookies-safeseh-hw-dep-and-aslr/

* Writing stack based unicode exploits
(Tutorials Part 7)
http://www.corelan.be:8800/index.php/2009/11/06/exploit-writing-tutorial-part-7-unicode-from-0x00410041-to-calc/



____________________________________________________

Peter Van Eeckhoutte
peter.ve@xxxxxxxxxx
____________________________________________________

My Blog : http://www.corelan.be:8800 (IPv4 and IPv6)
Twitter : http://www.twitter.com/corelanc0d3r
RIPE Handle PVE50-RIPE
a.k.a. c0d3r/c0d3rZ/corelanc0d3r on various forums
____________________________________________________



This transmission is intended only for use by the intended recipient(s).  If 
you are not an intended recipient you should not read, disclose, copy, 
circulate or in any other way use the information contained in this 
transmission.  The information contained in this transmission may be 
confidential and/or privileged.  If you have received this transmission in 
error, please notify the sender immediately and delete this transmission 
including any attachments.

Prev by Date: iDefense Security Advisory 11.10.09: Microsoft Excel FEATHEADER Record Memory Corruption Vulnerability
Next by Date: Novell eDirectory 8.8 SP5 Denial of Service
Previous by thread: iDefense Security Advisory 11.10.09: Microsoft Excel FEATHEADER Record Memory Corruption Vulnerability
Next by thread: RE: Exploit writing tutorials
Index(es):
- Date
- Thread