Stack Based Windows Buffer Overflow Tutorial

[lupin]

Well I have been threatening to do it for a while, and now I have finally gotten around to it.

I have written a tutorial on how to develop a windows stack based buffer overflow exploit, using BackTrack 4 PreFinal as the development/attacking platform.

This is the first tutorial in a series of tutorials that I am planning to write, and the next entry (on SEH Stack Based Windows Buffer Overflows), is already complete and I will post a link to it in a separate HowTo thread.

Why did I write this? Well there are a few reasons, not the least of which is that I find the subject interesting, but the reason that Im posting this here relates to Metasploit.

A lot of the problems I see here with people running Metasploit could be resolved if said people were aware of how exploitation products worked before they tried to use them. Basically Metasploit is just a framework of tools that make exploits easier to use, and under the covers it essentially uses exploits exactly like the ones I will show you how to create to take control of systems.

If I respond to one of your Metasploit questions with a link to this tutorial, its because I think your ability to use Metasploit would benefit from learning how buffer overflow exploits really work by actually learning to create them.

The tutorial is available here on my blog.
The Grey Corner: Stack Based Windows Buffer Overflow Tutorial

Questions here are welcome, but make sure you meet all of the requirements listed at the top of the document and that you make an effort to resolve the problem yourself first before asking anything.

[Archangel-Amael]

Nice Lupin, thanks for sharing.

[hhmatt]

Indeed, very nice job lupin Thank you. Looking forward to more.

[imported_KrisTeason]

Nice write up. The blogs looking promising I'm going to stick it in my favorites. Keep up the good work.