encoder

Exploiting Ken Ward Zipper : Taking advantage of payload conversion

Published March 27, 2010 | By Peter Van Eeckhoutte (corelanc0d3r)

In the article I wrote on the abysssec.com website, I explained the steps and techniques needed to build a working exploit for Ken Ward’s zipper. One of the main difficulties I had to overcome when building the exploit, was the character set limitation.  I basically could only use a subset of the ascii characters (only […]

Posted in 001_Security, Exploit Writing Tutorials, Exploits | Tagged , , , , , , , , , , , , , , , , , , ,

QuickZip Stack BOF 0day: a box of chocolates

Published March 27, 2010 | By Peter Van Eeckhoutte (corelanc0d3r)

Over the last couple of weeks, ever since I published 2 articles on the Offensive Blog, I have received many requests from people asking me if they could get a copy of those articles in pdf format.  My blog does not include a pdf generator, but it has a “print” button, so you can get […]

Posted in 001_Security, Exploit Writing Tutorials, Exploits | Tagged , , , , , , , , , , , , , , , , , , ,

Exploit writing tutorial part 9 : Introduction to Win32 shellcoding

Published February 25, 2010 | By Peter Van Eeckhoutte (corelanc0d3r)

Over the last couple of months, I have written a set of tutorials about building exploits that target the Windows stack. One of the primary goals of anyone writing an exploit is to modify the normal execution flow of the application and trigger the application to run arbitrary code… code that is injected by the […]

Posted in 001_Security, Exploit Writing Tutorials | Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Exploit writing tutorial part 4 : From Exploit to Metasploit – The basics

Published August 12, 2009 | By Peter Van Eeckhoutte (corelanc0d3r)

In the first parts of the exploit writing tutorial, I have discussed some common vulnerabilities that can lead to 2 types of exploits : stack based buffer overflows (with direct EIP overwrite), and stack based buffer overflows that take advantage of SEH chains. In my examples, I have used perl to demonstrate how to build […]

Posted in 001_Security, Exploit Writing Tutorials, Exploits | Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Corelan Training

We have been teaching our win32 exploit dev classes at various security cons and private companies & organizations since 2011

Check out our schedules page here and sign up for one of our classes now!

Donate

Want to support the Corelan Team community ? Click here to go to our donations page.

Want to donate BTC to Corelan Team?



Your donation will help funding server hosting.

Corelan Team Merchandise

You can support Corelan Team by donating or purchasing items from the official Corelan Team merchandising store.

Protected by Copyscape Web Plagiarism Tool

Corelan on Slack

You can chat with us and our friends on our Slack workspace:

  • Go to our facebook page
  • Browse through the posts and find the invite to Slack
  • Use the invite to access our Slack workspace

    • Categories

    Mastodon: @corelanc0d3r | @corelan


    Copyright Peter Van Eeckhoutte © 2007 - 2024 | All Rights Reserved | Terms of use