Tutorials (overflow, using debugers, exploits coding…)

Home / Hacking, News, Security / Tutorials (overflow, using debugers, exploits coding…)

August 13, 2009 PlanetCreator 0 Comments 0 tags

* Stack based overflows (direct RET overwrite) :
(Tutorial Part 1)

http://www.corelan.be:8800/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/

* Jumping to shellcode :
(Tutorial Part 2)

http://www.corelan.be:8800/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/

* Stack based overflows – SEH
(Tutorial Part 3)

http://www.corelan.be:8800/index.php/2009/07/25/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-3-seh/

* Stack based overflows – SEH part 2
(Tutorial Part 3b)

http://www.corelan.be:8800/index.php/2009/07/28/seh-based-exploit-writing-tutorial-continued-just-another-example-part-3b/

* Writing Metasploit exploits
(Tutorial Part 4)

http://www.corelan.be:8800/index.php/2009/08/12/exploit-writing-tutorials-part-4-from-exploit-to-metasploit-the-basics/

* Using debuggers to speed up exploit development
(Tutorial Part 5)

http://www.corelan.be:8800/index.php/2009/09/05/exploit-writing-tutorial-part-5-how-debugger-modules-plugins-can-speed-up-basic-exploit-development/

* Bypassing Stack Cookies, Safeseh, NX/DEP and ASLR
(Tutorial Part 6)

http://www.corelan.be:8800/index.php/2009/09/21/exploit-writing-tutorial-part-6-bypassing-stack-cookies-safeseh-hw-dep-and-aslr/

* Writing stack based unicode exploits
(Tutorials Part 7)

http://www.corelan.be:8800/index.php/2009/11/06/exploit-writing-tutorial-part-7-unicode-from-0x00410041-to-calc/

Explore More

Wi-Fi Network Loopholes That Hackers Exploit – Plug Them and Avoid Troubles!

With the increasing number of wi-fi home or small office networks mushrooming all over the place, the hackers are having a field day. The hackers break-in at will and carry

25 per cent of new worms designed to spread via USB

48 per cent of SMBs are infected by worms each year according to a report published by security vendor PandaLabs. The Second International SMB Security Barometer report (PDF here) surveyed

Critical SQL Injection in Gulf Travels and Tours

PlanetCreator has reported another critical SQL Injection (vulnerability) on Gulf Tranvels and Tours : Your reliable agency in Myanmar http://www.myanmartravelsgulf.com powered by IndexMyanmar This vulnerability has been alerted to :-

[remote] Wing FTP Server 8.1.3 - Authenticated Remote Code Execution
on May 29, 2026 at 12:00 am
Wing FTP Server 8.1.3 - Authenticated Remote Code Execution
[local] Linux Kernel - Local Privilege Escalation
on May 29, 2026 at 12:00 am
Linux Kernel - Local Privilege Escalation
[webapps] MixPHP Framework 2.2.17 - Unsafe Deserialization Remote Code Execution
on May 29, 2026 at 12:00 am
MixPHP Framework 2.2.17 - Unsafe Deserialization Remote Code Execution
[local] ZTE ZXHN H188A V6 - Authentication Bypass
on May 29, 2026 at 12:00 am
ZTE ZXHN H188A V6 - Authentication Bypass
[local] ZTE H298A / H108N - Unauthenticated Credential Exposure
on May 29, 2026 at 12:00 am
ZTE H298A / H108N - Unauthenticated Credential Exposure