Penetration Testing mailing list archives
RE: How can I learn assembly to Understand Buffer/heap overflows
From: "Anthony Mihaljevic" <Anthony.Mihaljevic () netsolutionsIT com au>
Date: Mon, 15 Sep 2008 09:31:29 +1000
The book: Secrets of Reverse Engineering is a killer book on this topic. (http://www.amazon.com/Reversing-Secrets-Engineering-Eldad-Eilam/dp/0764 574817/ref=pd_bbs_sr_1?ie=UTF8&s=books&qid=1221434755&sr=8-1) The Aleph1 doco "Smashing The Stack For Fun And Profit" is a good article to read, although the technology is outdated and many of the techniques don't work anymore due to GCC adding SSP (Stack Smashing Protection). It's a good read nevertheless to get my mind thinking in a reversing way. A good site for info is: http://www.openrce.org/ Tools: http://programmerstools.org/ Read these book/articles and get familiar with the relevant tools (IDA, Win32DASM, OllyDBG and SoftICE). tika -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Michael Kitange Sent: Monday, 15 September 2008 4:14 AM To: pen-test () securityfocus com; shellcoder1 () gmail com Subject: How can I learn assembly to Understand Buffer/heap overflows well a good starting point is to read "smashing stack for fun and profit" by aleph1. that being an introduction to buffer overflows and shellcode design.(using assembly). On 9/12/08, shellcoder1 <shellcoder1 () gmail com> wrote:
Hi there, what is a good way to learn assembly language so that I can understand buffer overflows and heap overflows ? Thanks in Advance.
------------------------------------------------------------------------
This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
-- Sent from Gmail for mobile | mobile.google.com ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- How can I learn assembly to Understand Buffer/heap overflows shellcoder1 (Sep 12)
- Re: How can I learn assembly to Understand Buffer/heap overflows mark mark (Sep 14)
- Re: How can I learn assembly to Understand Buffer/heap overflows exploit dev (Sep 14)
- Re: How can I learn assembly to Understand Buffer/heap overflows Justin Ferguson (Sep 14)
- Re: How can I learn assembly to Understand Buffer/heap overflows Sofian Brabez (Sep 15)
- Re: How can I learn assembly to Understand Buffer/heap overflows Justin Ferguson (Sep 14)
- How can I learn assembly to Understand Buffer/heap overflows Michael Kitange (Sep 14)
- RE: How can I learn assembly to Understand Buffer/heap overflows Anthony Mihaljevic (Sep 14)