Tutorials (overflow, using debugers, exploits coding…)

Home / Hacking, News, Security / Tutorials (overflow, using debugers, exploits coding…)

August 13, 2009 PlanetCreator 0 Comments 0 tags

* Stack based overflows (direct RET overwrite) :
(Tutorial Part 1)

http://www.corelan.be:8800/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/

* Jumping to shellcode :
(Tutorial Part 2)

http://www.corelan.be:8800/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/

* Stack based overflows – SEH
(Tutorial Part 3)

http://www.corelan.be:8800/index.php/2009/07/25/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-3-seh/

* Stack based overflows – SEH part 2
(Tutorial Part 3b)

http://www.corelan.be:8800/index.php/2009/07/28/seh-based-exploit-writing-tutorial-continued-just-another-example-part-3b/

* Writing Metasploit exploits
(Tutorial Part 4)

http://www.corelan.be:8800/index.php/2009/08/12/exploit-writing-tutorials-part-4-from-exploit-to-metasploit-the-basics/

* Using debuggers to speed up exploit development
(Tutorial Part 5)

http://www.corelan.be:8800/index.php/2009/09/05/exploit-writing-tutorial-part-5-how-debugger-modules-plugins-can-speed-up-basic-exploit-development/

* Bypassing Stack Cookies, Safeseh, NX/DEP and ASLR
(Tutorial Part 6)

http://www.corelan.be:8800/index.php/2009/09/21/exploit-writing-tutorial-part-6-bypassing-stack-cookies-safeseh-hw-dep-and-aslr/

* Writing stack based unicode exploits
(Tutorials Part 7)

http://www.corelan.be:8800/index.php/2009/11/06/exploit-writing-tutorial-part-7-unicode-from-0x00410041-to-calc/

Explore More

Metasploit Framework 3.7.0 Released!

The Metasploit team has spent the last two months focused on one of the least-visible, but most important pieces of the Metasploit Framework; the session backend. Metasploit 3.7 represents a

XSS Stealing Cookies

This method (XSS attacks) is for get the cookies users, so, for get information of users… and then, login into the account of the victim user…u will have to give

Gmail Security Checklist, Improve Login Security

There are two to tango, and the same is true for an effective online security strategy. What does it mean? One the one side, the company offering a service needs

[webapps] Lingdang CRM 8.6.4.7 - SQL Injection
on August 26, 2025 at 12:00 am
Lingdang CRM 8.6.4.7 - SQL Injection
[remote] Ivanti Endpoint Manager Mobile 12.5.0.0 - Authentication Bypass
on August 26, 2025 at 12:00 am
Ivanti Endpoint Manager Mobile 12.5.0.0 - Authentication Bypass
[webapps] Birth Chart Compatibility WordPress Plugin 2.0 - Full Path Disclosure
on August 26, 2025 at 12:00 am
Birth Chart Compatibility WordPress Plugin 2.0 - Full Path Disclosure
[webapps] StoryChief Wordpress Plugin 1.0.42 - Arbitrary File Upload
on August 26, 2025 at 12:00 am
StoryChief Wordpress Plugin 1.0.42 - Arbitrary File Upload
[local] GeoVision ASManager Windows Application 6.1.2.0 - Credentials Disclosure
on August 26, 2025 at 12:00 am
GeoVision ASManager Windows Application 6.1.2.0 - Credentials Disclosure