Pages: [1]

Author Topic: Exploit Writing  (Read 1079 times)

0 Members and 1 Guest are viewing this topic.

Offline Traitor4000

  • Knight
  • **
  • Posts: 191
  • Cookies: 8
    • View Profile
Exploit Writing
« on: September 05, 2013, 04:20:55 am »
So i apologize that I am asking so many questions and not posting tutorials or thigns like that. Quite frankly I dont think im at a point where I shouls be teaching much to anyone because my information is spotty at best. So i can only hope others who have similar questions can learn from this as well. So for those of us who are at a point with your chosen language that you can write exploits Fist a. What is your process in writing an exploit (I figure you setup a test enviroment) then what I wouldnt know were to start even if I where fully comfortable with C. How so you identify parts of the softwarethat might be vulnerable. b. This is similar but what is your mindset (tought process) when your writing an exploit because it is different then writing a program. (Im sure both of these questons have opinionated answers because everyone might have a process that works for them).
-Note didnt really know what section to put this in
« Last Edit: September 05, 2013, 04:21:23 am by Traitor4000 »
Report to moderator   Logged
The most vulnerable part of an impenetrable system is those who believe it to be so.

Z3R0

  • Guest
Re: Exploit Writing
« Reply #1 on: September 05, 2013, 02:07:11 pm »
I'll just drop these right here....:P
Code: [Select]
http://evilzone.org/video-tutorials/exploit-series-part-1-(intro)/
http://evilzone.org/video-tutorials/exploit-series-part-2-(1st-segment)/
http://evilzone.org/video-tutorials/exploit-series-part-2-(2nd-segment)/
http://evilzone.org/video-tutorials/exploit-series-part-3/
http://evilzone.org/video-tutorials/exploit-series-part-4/
http://evilzone.org/video-tutorials/exploit-series-part-5-(1st-segment)/
http://evilzone.org/video-tutorials/exploit-series-part-5/
Keep in mind, these videos are NOT all-inclusive, but they're enough to give you a general idea of how to start.
Report to moderator   Logged

Offline RedBullAddicted

  • Moderator
  • Sir
  • *
  • Posts: 519
  • Cookies: 189
    • View Profile
Re: Exploit Writing
« Reply #2 on: September 05, 2013, 02:17:16 pm »
In addition to what m0rph suggested:

https://www.corelan.be/index.php/articles/
- A lot of well-written exploit writting tutorials

http://evilzone.org/ebooks/t11265/msg62918/#msg62918
- By far the best book I know about the topic

Cheers,
RBA
Report to moderator   Logged
Deep into that darkness peering, long I stood there, wondering, fearing, doubting, dreaming dreams no mortal ever dared to dream before. - Edgar Allan Poe

Offline chapp

  • Peasant
  • *
  • Posts: 87
  • Cookies: 2
    • View Profile
Re: Exploit Writing
« Reply #3 on: September 05, 2013, 05:27:39 pm »
If interested I could write up an article of the process of writing an exploit, and not just your simple stack-based buffer overflow.


I'm currently thinking of writing up a small introduction to ARM exploitation and writing ARM shellcode. This could potentially lead to a generic exploit article and afterwards applying it to an example in both ARM and x86.


Edit: This would be focused on a Linux environment, as I'm still in the learning phase when it comes to Windows.
« Last Edit: September 05, 2013, 05:28:38 pm by chapp »
Report to moderator   Logged
Pages: [1]