HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 57 guests online
 
Advertisement

You are here: Home arrow Resourcesarrow Tutorialsarrow Exploit Development - Abusing the Stack
EH-Net
May 25, 2013, 01:07:58 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Exploit Development - Abusing the Stack  (Read 3793 times)
0 Members and 1 Guest are viewing this topic.
TheXero
Full Member
***
Offline Offline

Posts: 112


Try Harder!


View Profile WWW
« on: October 27, 2011, 07:14:10 PM »
Hello fellow eh.netters Smiley

I uploaded a new video and write-up to my website the other day to hope to raise the awareness of a how critical a program crash can be.

The video is available both on my website and on Google at http://www.youtube.com/watch?v=tJA4RyAJoU8 and all the files I refer to are included on my website as well as the full write.

On my blog website it can all be found here: http://www.thexero.co.uk/exploit-development/

Hope you enjoy it and hopefully some of you learn something new from this demonstration.

Regards,
TheXero
Logged
OSCP | OSWP
www.thexero.co.uk
n3r
Jr. Member
**
Offline Offline

Posts: 95



View Profile
« Reply #1 on: October 28, 2011, 05:17:22 AM »
Thanks for sharing, i can't understand all of it but hope i coulde one day !
how did you learn writting exploits ?
Logged
TheXero
Full Member
***
Offline Offline

Posts: 112


Try Harder!


View Profile WWW
« Reply #2 on: October 29, 2011, 03:59:25 AM »
Hi n3r,

It wasn't an easy process, but I used this video as a referrance guide http://www.youtube.com/watch?v=9_K4K89QbqM

I originally did it all without metasploit and did everything manually (finding EIP took 4 hours)

My first exploit took a total of 17 days from knowing nothing about it to getting my first exploit reverse shell, so I guess this is like documentation after that initial 17 days of pain back in January 2011 (before I started pwb).

You might find it helpful to also look through the writeup the write-up Smiley
Logged
OSCP | OSWP
www.thexero.co.uk
MaXe
Hero Member
*****
Offline Offline

Posts: 669


I've just upgraded myself to a cyborg muahahaa!!1


View Profile WWW
« Reply #3 on: October 30, 2011, 02:39:14 PM »
Quote from: TheXero on October 29, 2011, 03:59:25 AM
It wasn't an easy process, but I used this video as a reference guide http://www.youtube.com/watch?v=9_K4K89QbqM

My first exploit took a total of 17 days from knowing nothing about it to getting my first exploit reverse shell, so I guess this is like documentation after that initial 17 days of pain back in January 2011 (before I started pwb).

Awesome, Nullthreat is a really cool guy who certainly knows a lot about Exploit Development, didn't know there was a video, must watch some time too  Smiley

About my first exploit, that also took a lot of time, but it was fun and the release of endorphins were massive when my exploit finally worked  Smiley

Anyway, good work TheXero, really cool video  Wink
Logged
I'm an InterN0T'er
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.069 seconds with 22 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.