Search Results for: exploit writing tutorial
Hack Notes : ROP retn+offset and impact on stack setup
Yesterday, sickn3ss (one of the frequent visitors of the #corelan channel on freenode IRC) posted a really interesting question. The question While testing ROP gadgets, as part of the process of building a DEP bypass exploit for WM Downloader, he wanted to know if there is a way to predict the required padding needed to […]
Death of an ftp client / Birth of Metasploit modules
Over the past few weeks, Corelan Team has given its undivided attention to fuzzing ftp client applications.
Using a custom built ftp client fuzzer, now part of the Metasploit framework, the team has audited several ftp clients and applications that use an embedded client ftp component. One example of such an application is a tool that would synchronize / backup data from a computer to a remote ftp server.
The 3 main audit/attack vectors that were used during the “project” were
send back overly long responses to ftp commands / requests sent by the ftp client to the server
send back a file/directory listing that contains overly long file/folder names
try to download a file that has an overly long filename.
Continue reading
Corelan Team Membership
This page outlines the process/procedure and rules on how to become a Corelan Team Member, and what rules to follow if you want to remain a Corelan Team member. How to become a Corelan Team Member ? 1. Don’t beg. Don’t solicit. You need to be invited/contacted by a Corelan Team Member. 2. You will […]
Blackhat Europe 2010 Barcelona – Day 01
As some of you might know, I am currently attending Blackhat Europe (hosted in Barcelona this year). So I wanted to take the opportunity to fill you in on the details of this first day of briefings, and provide you with a short overview of the presentations I have attended today. I am most certainly […]
QuickZip Stack BOF 0day: a box of chocolates
Over the last couple of weeks, ever since I published 2 articles on the Offensive Blog, I have received many requests from people asking me if they could get a copy of those articles in pdf format. My blog does not include a pdf generator, but it has a “print” button, so you can get […]
About me
Hi, My name is Peter Van Eeckhoutte. I was born in 1975 and spent my childhood in a small town called Vichte, Belgium. 14 years later, I got my first computer and about 5 years later I started working in a computer shop where I was responsible for the technical department, servers/network installations, etc… I […]
Backtrack 4 cheat sheet
Download backtrack from http://www.remote-exploit.org/backtrack_download.html. Current version at the time of writing is BT4 Pre-Final.This document is based on BT4 pre-final. Ergo, some of the instructions below may not work with other versions of BT. FYI : An excellent guide about Backtrack4 can be found at BackTrack 4 – The Definitive Guide 1. Installing Backtrack […]
Donate
Your donation will help funding server hosting.
