Tutorials (overflow, using debugers, exploits coding…)

Home / Hacking, News, Security / Tutorials (overflow, using debugers, exploits coding…)

August 13, 2009 PlanetCreator 0 Comments 0 tags

* Stack based overflows (direct RET overwrite) :
(Tutorial Part 1)

http://www.corelan.be:8800/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/

* Jumping to shellcode :
(Tutorial Part 2)

http://www.corelan.be:8800/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/

* Stack based overflows – SEH
(Tutorial Part 3)

http://www.corelan.be:8800/index.php/2009/07/25/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-3-seh/

* Stack based overflows – SEH part 2
(Tutorial Part 3b)

http://www.corelan.be:8800/index.php/2009/07/28/seh-based-exploit-writing-tutorial-continued-just-another-example-part-3b/

* Writing Metasploit exploits
(Tutorial Part 4)

http://www.corelan.be:8800/index.php/2009/08/12/exploit-writing-tutorials-part-4-from-exploit-to-metasploit-the-basics/

* Using debuggers to speed up exploit development
(Tutorial Part 5)

http://www.corelan.be:8800/index.php/2009/09/05/exploit-writing-tutorial-part-5-how-debugger-modules-plugins-can-speed-up-basic-exploit-development/

* Bypassing Stack Cookies, Safeseh, NX/DEP and ASLR
(Tutorial Part 6)

http://www.corelan.be:8800/index.php/2009/09/21/exploit-writing-tutorial-part-6-bypassing-stack-cookies-safeseh-hw-dep-and-aslr/

* Writing stack based unicode exploits
(Tutorials Part 7)

http://www.corelan.be:8800/index.php/2009/11/06/exploit-writing-tutorial-part-7-unicode-from-0x00410041-to-calc/

Explore More

What are the various features of snort?

Snort has the following features: * It detects threats, such as buffer overflows, stealth port scans, CGI attacks, SMB probes and NetBIOS queries, NMAP and other port scanners, well-known backdoors

Critical XSS Vulnerability in http://shwephonecard.com registered parent company is â€œMMM Network L.L.C.â€

PlanetCreator.Net’s Security Team Member Info Freakzz <infofreakzzz(at)gmail.com> has reported another critical XSS vulnerability on http://www.shwephonecard.comÂ registered parent company is â€œMMM Network L.L.C.â€ These are some information from Vulneral Site http://www.shwephonecard.com:

Local File Inclusion (LFI) tutorial

This tutorial will guide you into the process of exploiting a website through the LFI (Local File Inclusion). First lets take a look at a php code that is vulnerable

[webapps] FreeBSD rtsold 15.x - Remote Code Execution via DNSSL
on December 25, 2025 at 12:00 am
FreeBSD rtsold 15.x - Remote Code Execution via DNSSL
[webapps] Chained Quiz 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie
on December 25, 2025 at 12:00 am
Chained Quiz 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie
[webapps] WordPress Quiz Maker 6.7.0.56 - SQL Injection
on December 25, 2025 at 12:00 am
WordPress Quiz Maker 6.7.0.56 - SQL Injection
[webapps] esm-dev 136 - Path Traversal
on December 16, 2025 at 12:00 am
esm-dev 136 - Path Traversal
[webapps] Summar Employee Portal 3.98.0 - Authenticated SQL Injection
on December 16, 2025 at 12:00 am
Summar Employee Portal 3.98.0 - Authenticated SQL Injection