Vulnerability Development mailing list archives

Re: Assembler/C References


From: cyberiad () www nmrc org
Date: Mon, 15 Jul 2002 21:56:56 -0400 (EDT)


A small sampling of references for Win32 overflows follows,

"Win32 Buffer Overflows (Location, Exploitation and Prevention)"
  Dark Spyrit
  Phrack 55
  http://www.phrack.org/show.php?p=55&a=15

and to give you some other ideas on writing Win32 shellcode,

"Non-Stack Based Exploitation of Buffer Overrun Vulnerabilities
 on Windows NT/2000/XP"
  David Litchfield
  http://www.nextgenss.com/papers/non-stack-bo-windows.pdf

"Creating Arbitrary Shellcode In Unicode Expanded Strings"
  Chris Anley
  http://www.nextgenss.com/papers/unicodebo.pdf

Tools I use to support reverse engineering for the analysis include gdb,
Soft-Ice (http://www.numega.com) and IDA-Pro (http://www.datarescue.com).
Data Rescue offers a limited freeware version of IDA Pro; it is limited in
functionality and processor/executable format, but works for Win32.

Cyberiad

On Mon, 15 Jul 2002, Jeremy Junginger wrote:

n00b question:

I'm diving into Assembler and C with the hopes of understanding
application level exploits a little more in depth.  In your opinion,
what are the most beneficial references/tutorials/threads/tools that
helped you get started on your journeys to buffer-overflow-nirvana?
I've read the Introduction to Buffer Overflow by Ghost Rider as well as
the Buffer overflow how-to by Mudge, and both were very valuable.  GDB
appears to be a very strong tool to assist with finding and exploiting
overflows.  Any additional references out there?  Coding is a bit new to
me...so like the human torch says..."Flame ON!!!"

-Jeremy