|
Format strings and heap exploitation
|
|
Hits: 0 |
|
Date added: 12/02/2005 |
|
These are the notes/information/examples from Andrew Griffiths presentation at Ruxcon 2003. |
|
|
|
|
|
AIX Heap Overflow
|
|
Hits: 15 |
|
Date added: 12/16/2005 |
|
Author:
I've just published a paper on AIX heap overflows. I wrote it back in August
but wanted to wait until a couple of flaws I discovered whilst researching
the topic were fixed by IBM. IBM released the patches today.(16 Dec 2005) |
|
|
|
|
|
|
The Shellcoders Handbook
|
|
Hits: 0 |
|
Date added: 12/28/2005 |
|
[Source Codes Included]
Back Cover
Every day, patches are created to cover up security holes in software applications and operating systems. But by the time you download a patch, it could be too late. A hacker may have already taken advantage of the hole and wreaked havoc on your system. This innovative book will help you stay one step ahead. It gives you the tools to discover vulnerabilities in C-language-based software, exploit the vulnerabilities you find, and prevent new security holes from occurring.
The Shellcoder’s Handbook is written by a unique author team, consisting of “white hat” corporate security experts and underground hacker-cracker types, who are the most respected contributors to Bugtraq, a vulnerability tracking mailing list. They take you from introductory-level exploitation and exposing vulnerabilities in binaries to advanced content on kernel overflows. In addition, they provide you with advanced techniques to close new security holes that are not yet known to the public but could cause devastating consequences. With all this information, you’ll be able to develop your own discovery process and quickly determine whether a security hole is truly exploitable. The methods discussed will also dramatically improve your penetration testing skills in order to achieve a 100% Penetration Rate Guaranteed. |
|
|
|
|
|
Adjacent Memory Overflows
|
|
Hits: 0 |
|
Date added: 12/31/2005 |
|
|
|
|
|
|
|
|
XPMs
|
|
Hits: 25 |
|
Date added: 01/04/2006 |
|
Buffer Underruns, DEP, ASLR, and improving the Exploitation Prevention Mechanisms (XPMs) on the Windows platform |
|
|
|
