I love the brain dump on BOFs. I was at a company sponsored class over the summer and wrote an exploit for Adobe flash the same way you just did. I hadn’t done one of those in a while and forgot how much fun it really is. For the class we had access to IDA Pro as well as another tool similar to the old Ollydbg, x64dbg. And while those tools certainly do help, having a tool for fuzzing is essential. And yes, some machine code experience also helps. Again thanks for the write-up.
Reply To: From Dev to InfoSec Part 4: Buffer Overflows Made My Brain Hurt
Upcoming Webinars
– EH-Net Live! Join us on Wed Jan 29 @ 1:00 PM EST for “Shellcode for the Masses“ w/ John Hammond. Reg Open Now!
Recent Articles
-
BBP: My Path to the CISO Chair January 17, 2020
-
Webinar: Shellcode for the Masses January 15, 2020
-
Pentesting with a Raspberry Pi! January 8, 2020
-
Tshark: 7 Tips on Wireshark’s Command-Line Packet Capture Tool January 8, 2020
-
Video: Burp-less Hacking – Learning Web Application Pentesting on a Budget December 27, 2019
-
-
Webinar: Burp-less Hacking – Learning Web Application Pentesting on a Budget December 4, 2019
-
Video: All Things CTF! November 25, 2019
