Play with hacking - Stri.pe Capture The Flag

http://carnal0wnage.attackresearch.com/ has tons of good stuff

Yeah, that book is good. I have it in hard copy.

yeah I think I’m going to grab the hard copy

Here is what I am working on now: http://io.smashthestack.org:84/

fun stuff

So basic buffer overflows, overwriting something and controlling EIP, redirecting flow into shellcode, is pretty simple

Bypassing DEP/ASLR and other protections becomes a bit more of a bitch to get reliable code execution

yeah…one step at a time lol … I learned this stuff over the course of about a day. And I am still not 100% comfortable with it.

Once I feel like I can walk the walk on the basic stuff, I’ll take the next step. From the stri.pe thread on /r/netsec or /r/programming, dealing with ASLR is going to be really tedious. Then again, just about every modern kernel is going to have ASLR enabled, so without learning it, it’s just another out-of-date hack.

I haven’t really written many real world exploits in Linux…I need more practice.

I have done a lot of stuff for Win XP/Windows 2000.

We have been gearing up for the Defcon capture the flag and some other events which has forced me to start spending more time on this stuff.

I take it you’ll be in Vegas for Defcon?

Yeah, Defcon. Thotcon, Rochester BSides, Las Vegas BSides, DerbyCon, and work still needs to vote on one national one.

Work is pretty cool about paying for stuff like that.

Dur, I’m an idiot. I wasn’t using …/…/