Monthly Archives: April 2018
Exploit Development – Complications in Format String Exploits
Format String attacks are an interesting bug class: they provide you with memory disclosure opportunities as well as write-what-where opportunities. They can be used to force stack overflows which are otherwise safe, and they can defeat stack canaries and ASLR. However, …
Posted in Uncategorized
Exploit Development – What is a Stack Pivot?
When writing an exploit, you might find a vulnerability that gives you control over registers other than EIP; for example, you may be able to change the value of the stack pointer ESP. Alternatively, you might find a stack-based …
Posted in ROP