Thread: Writing Buffer Overflow Exploits using BackTrack

  1. #1
    lupin (Super Moderator)
    Join Date: Jan 2010
    Posts: 2,943

    Writing Buffer Overflow Exploits using BackTrack

    I have been writing a number of tutorials on my blog about how to create buffer overflow exploits using BackTrack.

    I posted the links to parts one and two on the old forums, and I just finished part three, so I decided to post links to all three parts here.

    I will update this post with more links when I write further entries.

    Part One: A Simple Windows Stack Based Buffer Overflow
    Part Two: A Windows Stack Based SEH Buffer Overflow
    Part Three: A Windows Stack Based SEH Buffer Overflow with Character Translation
    Part Four: A Windows Use After Free Heap Corruption Exploit
    Part Five: A Windows Stack Based Overflow using an Egghunter and a Conditional Jump


    Update: Added link to part four.
    Update: Added link to part five.
    Last edited by lupin; 02-13-2010 at 02:12 PM.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  2. #2
    Junior Member
    Join Date: Jan 2010
    Posts: 84

    Re: Writing Buffer Overflow Exploits using BackTrack

    Great

    Thanks for your hard work

  3. #3
    Junior Member
    Join Date: Jan 2010
    Posts: 41

    Re: Writing Buffer Overflow Exploits using BackTrack

    Super Thanks!

  4. #4
    Just burned his ISO
    Join Date: Jan 2010
    Location: /var/tmp because /dev/null is always full
    Posts: 5

    Re: Writing Buffer Overflow Exploits using BackTrack

    Awesome Tutorials.

    Thanks, I hope your efforts are recognised

  5. #5
    Just burned his ISO
    Join Date: Jan 2010
    Posts: 1

    Re: Writing Buffer Overflow Exploits using BackTrack

    Very nice! Easy to understand and very well presented. I like your style.

  6. #6
    Junior Member
    Join Date: Jan 2010
    Location: Somewhere
    Posts: 79

    Re: Writing Buffer Overflow Exploits using BackTrack

    Great organization, keep up the great work!

  7. #7
    lupin (Super Moderator)
    Join Date: Jan 2010
    Posts: 2,943

    Re: Writing Buffer Overflow Exploits using BackTrack

    Update: Added link to Part Four, A Windows Heap Corruption Exploit.

    This reproduces the Internet Explorer Aurora '0 day' exploit, used (allegedly) by the Chinese to hack Google.

    It can be viewed here.

  8. #8
    Just burned his ISO
    Join Date: Mar 2010
    Posts: 5

    Re: Writing Buffer Overflow Exploits using BackTrack

    Quote, originally posted by lupin:
        This reproduces the Internet Explorer Aurora '0 day' exploit, used (allegedly) by the Chinese to hack Google.

    So the 'sophisticated' attack used on Google revolved around a '0 day' exploit? I thought it was something else, something more... more... sophisticated.

  9. #9
    lupin (Super Moderator)
    Join Date: Jan 2010
    Posts: 2,943

    Re: Writing Buffer Overflow Exploits using BackTrack

    Quote, originally posted by Noble_Hikikomori:
        So the 'sophisticated' attack used on Google revolved around a '0 day' exploit? I thought it was something else, something more... more... sophisticated.

    I think it's more the whole operation that was considered sophisticated, not just individual elements of it (such as the initial exploitation vector - this 0 day.) Apparently the attack was well targeted at specific individuals within the companies, and the malware installed by the exploit was fairly unique. And of course not everyone thought it was that sophisticated. From what I have heard of it, it all seemed pretty run of the mill to me, but then again those on the inside may see more of the full picture of what was done. The rest of us just get small pieces of detail...

  10. #10

    Re: Writing Buffer Overflow Exploits using BackTrack

    Awesome work Lupin! Thank you for the time and effort you put into providing this tutorial.
    15" MBP 8 gigs o ram 256 gig SSD in drivebay + 256 gig 5400 HD
    1000HE EEE 30 gig SSD 2 gigs Ram
