[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Exploit writing tutorials



Hi all,

Just wanted to share the following links/tutorials on writing windows (stack based) exploits :

* Stack based overflows (direct RET overwrite) :
(Tutorial Part 1)
http://www.corelan.be:8800/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/

* Jumping to shellcode :
(Tutorial Part 2)
http://www.corelan.be:8800/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/

* Stack based overflows - SEH
(Tutorial Part 3)
http://www.corelan.be:8800/index.php/2009/07/25/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-3-seh/

* Stack based overflows - SEH part 2
(Tutorial Part 3b)
http://www.corelan.be:8800/index.php/2009/07/28/seh-based-exploit-writing-tutorial-continued-just-another-example-part-3b/

* Writing Metasploit exploits
(Tutorial Part 4)
http://www.corelan.be:8800/index.php/2009/08/12/exploit-writing-tutorials-part-4-from-exploit-to-metasploit-the-basics/

* Using debuggers to speed up exploit development
(Tutorial Part 5)
http://www.corelan.be:8800/index.php/2009/09/05/exploit-writing-tutorial-part-5-how-debugger-modules-plugins-can-speed-up-basic-exploit-development/

* Bypassing Stack Cookies, Safeseh, NX/DEP and ASLR
(Tutorial Part 6)
http://www.corelan.be:8800/index.php/2009/09/21/exploit-writing-tutorial-part-6-bypassing-stack-cookies-safeseh-hw-dep-and-aslr/

* Writing stack based unicode exploits
(Tutorials Part 7)
http://www.corelan.be:8800/index.php/2009/11/06/exploit-writing-tutorial-part-7-unicode-from-0x00410041-to-calc/



____________________________________________________

Peter Van Eeckhoutte
peter.ve@xxxxxxxxxx
____________________________________________________

My Blog : http://www.corelan.be:8800 (IPv4 and IPv6)
Twitter : http://www.twitter.com/corelanc0d3r
RIPE Handle PVE50-RIPE
a.k.a. c0d3r/c0d3rZ/corelanc0d3r on various forums
____________________________________________________



This transmission is intended only for use by the intended recipient(s).  If you are not an intended recipient you should not read, disclose, copy, circulate or in any other way use the information contained in this transmission.  The information contained in this transmission may be confidential and/or privileged.  If you have received this transmission in error, please notify the sender immediately and delete this transmission including any attachments.