alpha2

Offensive Security Exploit Weekend

Published November 13, 2010 | By Sud0

Introduction I’m excited and honored to be able to announce that Sud0, one of our Corelan Team members, has won the Offensive Security Exploit weekend, an exploiting exercise only available to Offensive Security certified alumni. The challenge was built around a vulnerability in Foxit Reader.  Each participant was pointed to a Proof of Concept exploit, […]

Posted in 001_Security, Exploits | Tagged , , , , , , , , , , , , , , , , , , , , , , ,

Exploiting Ken Ward Zipper : Taking advantage of payload conversion

Published March 27, 2010 | By Peter Van Eeckhoutte (corelanc0d3r)

In the article I wrote on the abysssec.com website, I explained the steps and techniques needed to build a working exploit for Ken Ward’s zipper. One of the main difficulties I had to overcome when building the exploit, was the character set limitation.  I basically could only use a subset of the ascii characters (only […]

Posted in 001_Security, Exploit Writing Tutorials, Exploits | Tagged , , , , , , , , , , , , , , , , , , ,

Exploit writing tutorial part 8 : Win32 Egg Hunting

Published January 9, 2010 | By Peter Van Eeckhoutte (corelanc0d3r)

Introduction Easter is still far away, so this is probably the right time to talk about ways to hunting for eggs (so you would be prepared when the easter bunny brings you another 0day vulnerability) In the first parts of this exploit writing tutorial series, we have talked about stack based overflows and how they […]

Posted in 001_Security, Exploit Writing Tutorials, Exploits | Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Exploit writing tutorial part 7 : Unicode – from 0x00410041 to calc

Published November 6, 2009 | By Peter Van Eeckhoutte (corelanc0d3r)

Finally … after spending a couple of weeks working on unicode and unicode exploits, I’m glad and happy to be able to release this next article in my basic exploit writing series : writing exploits for stack based unicode buffer overflows (wow – that’s a mouthful). You may (or may not) have encountered a situation […]

Posted in 001_Security, Exploit Writing Tutorials, Exploits | Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Corelan Training

We have been teaching our win32 exploit dev classes at various security cons and private companies & organizations since 2011

Check out our schedules page here and sign up for one of our classes now!

Donate

Want to support the Corelan Team community ? Click here to go to our donations page.

Want to donate BTC to Corelan Team?



Your donation will help funding server hosting.

Corelan Team Merchandise

You can support Corelan Team by donating or purchasing items from the official Corelan Team merchandising store.

Protected by Copyscape Web Plagiarism Tool

Corelan on Slack

You can chat with us and our friends on our Slack workspace:

  • Go to our facebook page
  • Browse through the posts and find the invite to Slack
  • Use the invite to access our Slack workspace

    • Categories

    Mastodon: @corelanc0d3r | @corelan


    Copyright Peter Van Eeckhoutte © 2007 - 2024 | All Rights Reserved | Terms of use