MSF Exploit writing little tutorial

[jerome.athias at free.fr (Jerome Athias)]

Hi,

*giving* *back* to *Caesar* *what* belongs to *Caesar:*
all credits should be given to Cyberheb, not me

since i'm not an expert of exploit writing, you would be able to find a 
lot of tutorials around the web
a reference to consider is the book "Shellcoder Handbook"
for online tutorials and papers, here is some links:

http://www.milw0rm.com
https://www.securinfos.info/english/security_papers_hacking_whitepapers.php

http://www.uninformed.org/

it should be some nice reading there (before HD, skape and other folks 
of the msf-team wrote one :-) ...? but maybe they are too busy working 
on a MSF version 4 for christmas... ^_^)

Cheers and hacky new year
/JA

Ty Miller a ?crit :
> Hi Jerome,
>
> Nice work. The article is really good.
>
> I have been a pen tester for a while and have been meaning to get into
> exploit development over the past few months, but haven't managed to find a
> descent exploit tutorial - especially using Metasploit.
>
> If anyone has any suggestions as to what I should do or read to get myself
> up to speed in exploit development, it would be appreciated if you could
> pass on your handy hints.
>
> Thanks,
> Ty
>
> -----Original Message-----
> From: Jerome Athias [mailto:jerome.athias at free.fr] 
> Sent: Tuesday, 19 December 2006 9:21 PM
> To: framework at metasploit.com
> Subject: [framework] MSF Exploit writing little tutorial
>
> by: Cyberheb
>
> http://www.milw0rm.com/papers/125
>
> ...
>
>
>
>
>     MERRY CHRISTMAS!              __ _ __ ___
>           &                  _ __'.:;.:;.:;.:`
>     HAPPY NEW YEAR!        _'.:;.:;.:;.:;.:;.:`
>                           '.:. , :`,.,`;'/`__ _` _
>                          '..:;.;'.:,.;.:;\      (_)
>                        -__ --_-_-_-__---_-)
>                       (                    )
>    ____               (_- -__-_-__-____-__-)
>   /####\ /\            |  ,~~~'  `~~~.   %@
>   |#####\#|             )  ><@>  <@><    %@%
>   |#######|            /      /          %@p
>    \######|            ( *   (_c)   * )  % %      .0day0day.
>     |#####|             \ '%@%@%@%@`, %@%@       .0day0day\x.
>     /#####\         _ _ d%@ `----' @%@%@ \ _ _ _.0day0day0dayz.
>     ~~~~~~~       ':;.;%@@%@%@%@%@%@@%p  /.:;.:;0day0day0daymsf.
>      `.:;.'     ':;.;%@@%@%@@%@%@%@%@ :: ____xxx0day0day0day0day.
>      :.:;.:`   ':;.:d%@%@%@%@%@%@@%@%.:;/####\/\.:;\x0day0day0day
>      :.:;.:;` ';.;;.%@%@@%@%@@%@%@%@p.:;|#####\#|.:;\x0day0day0day.
>      :.:;.:;./;.;;.;%@%@%@%@%@%@%@%@ ::.'\######|.:;\\x0day0day0day
>      :.:;.:;.|:.;.;.% %@%@%@%@%@% % :  ..\\#####|.:;.\\x0day0daymsf
>      :.:;.:;/:;.;.:;.q%@%@@%@%@ %p.:;.%hdm|#####\.:;.\\x0day0day\x
>      :.:;.:;|:;.:;.;;;%@%@@% %.:;.:;.r00t. ~~~~~~ .:;.|x0day0day\x.
>      :.:;.:/.:;.:;.:;.: o  .:;.:;.:;....:;/.:;.:;\.:;.|\x0day0dayz.
>       `.:;.|:;.:;;;.:;.    .:;;;;;;;;;;;;;|.:;.:;.\.:;\\x0day0day.
>        `::/:;;;.:;;.:; o  .:;.;;.:;;;.:;.:|.:;.:;.:\.:;\\x0dayvnm
>           ;.:;;.:;;.:     :;;;.:;.:;.:;.:;\.:;.:;.:;.:;|xxmsfxx.
>           :::;.:;.:;. o  ..:;.:;.:;;;;.;;;;\.:;.:;.:;.:|msfmsf.
>           :::;.:;;.:     .:;;;;;;;;.:;.:;;;|.:;.:;.:;./mm\xm.
>           ;.:;.:;.;. o   .:;.;.:;;.:;.:;.:;.\________/mmmsf.
>           :.:;;;.;;;     .:;;.:;.:;;.:;.:;.:;.;.:;;;;`mmsf
>            `#######xMSFxx###########################
>             #######xMSFxx###########################
>            '::;;;.;; o  :;;;.:;.:;;.;;;;;;;;;;;.:;.:`  (H.Classen)
>
> /JA
>
>
>
>