Tutorials (overflow, using debugers, exploits coding…)

Home / Hacking, News, Security / Tutorials (overflow, using debugers, exploits coding…)

August 13, 2009 PlanetCreator 0 Comments 0 tags

* Stack based overflows (direct RET overwrite) :
(Tutorial Part 1)

http://www.corelan.be:8800/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/

* Jumping to shellcode :
(Tutorial Part 2)

http://www.corelan.be:8800/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/

* Stack based overflows – SEH
(Tutorial Part 3)

http://www.corelan.be:8800/index.php/2009/07/25/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-3-seh/

* Stack based overflows – SEH part 2
(Tutorial Part 3b)

http://www.corelan.be:8800/index.php/2009/07/28/seh-based-exploit-writing-tutorial-continued-just-another-example-part-3b/

* Writing Metasploit exploits
(Tutorial Part 4)

http://www.corelan.be:8800/index.php/2009/08/12/exploit-writing-tutorials-part-4-from-exploit-to-metasploit-the-basics/

* Using debuggers to speed up exploit development
(Tutorial Part 5)

http://www.corelan.be:8800/index.php/2009/09/05/exploit-writing-tutorial-part-5-how-debugger-modules-plugins-can-speed-up-basic-exploit-development/

* Bypassing Stack Cookies, Safeseh, NX/DEP and ASLR
(Tutorial Part 6)

http://www.corelan.be:8800/index.php/2009/09/21/exploit-writing-tutorial-part-6-bypassing-stack-cookies-safeseh-hw-dep-and-aslr/

* Writing stack based unicode exploits
(Tutorials Part 7)

http://www.corelan.be:8800/index.php/2009/11/06/exploit-writing-tutorial-part-7-unicode-from-0x00410041-to-calc/

Explore More

Tracking Down A BotNet

This will not be very long, nor will I go into excessive amounts of detail into the tools and steps required. The purpose of this paper is simply to help

CRLF Injection

CRLF Injection Overview CRLF Injection is typically used in HTTP Response Splitting. In the HTTP specification there is a spec stating that the HTTP header is to be split from

Buffer Overflow Overview Buffer overflows are the classic security vulnerability that have been around since the beginning of programming, and are still occurring everywhere today. Buffer overflows are very prevalent

[local] unzip-stream 0.3.1 - Arbitrary File Write
on April 30, 2025 at 12:00 am
unzip-stream 0.3.1 - Arbitrary File Write
[remote] OpenSSH server (sshd) 9.8p1 - Race Condition
on April 22, 2025 at 12:00 am
OpenSSH server (sshd) 9.8p1 - Race Condition
[local] Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege
on April 22, 2025 at 12:00 am
Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege
[remote] WonderCMS 3.4.2 - Remote Code Execution (RCE)
on April 22, 2025 at 12:00 am
WonderCMS 3.4.2 - Remote Code Execution (RCE)
[remote] code-projects Online Exam Mastering System 1.0 - Reflected Cross-Site Scripting (XSS)
on April 22, 2025 at 12:00 am
code-projects Online Exam Mastering System 1.0 - Reflected Cross-Site Scripting (XSS)