Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Shellcoding Tutorial

From: Mark Shirley <mshirley () gmail com>
Date: Thu, 2 Sep 2004 14:15:29 -0400
Sure, there will eventually be a point in time when, because of
complete redesigns of os's, buffer overflows won't work anymore. 
However as time progresses new architectures will sprout and new
opporunties for explotation will arise.  I remember when red boxing
worked on every pay phone in existance.  The more it's exploited, the
more people know about it, the less likely it is to work the next
time.  It's the nature of technology and evolution.

On Thu, 2 Sep 2004 09:42:55 -0700 (PDT), bipin gautam
<visitbipin () yahoo com> wrote:

we have been hearing many promishing technology...
SOUNDS LIKE, Buffer overflow exploits will be a
...........ONCE UPON A TIME story, very soon???

bipin


--- Steve <shanna () uiuc edu> wrote:


So I released a basic tutorial on Windows and Linux
shellcoding. For all of those interested, with
absolutely no idea how it works, the tutorial can be
found here:


http://www.vividmachines.com/shellcode/shellcode.html


Like I said, this isn't an extremely advanced
tutorial, but I think it will be helpful to a lot of
people.

C and basic x86 assembly knowledge are helpful.

Comments are welcome and please be nice :-D.

Notice: I use hardcoded addresses for the Windows
Example, I left hashing and sorting through the IAT
to a later talk.


*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *
 *  *  *  *  *  *  *  *  *
Steve Hanna
UIUC Undergraduate in Computer Engineering
http://www.vividmachines.com/
*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *
 *  *  *  *  *  *  *  *  *


                
__________________________________
Do you Yahoo!?
Yahoo! Mail is new and improved - Check it out!
http://promotions.yahoo.com/new_mail

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: