Vulnerability Development mailing list archives

Analysis of the Exploitation Processes (.pdf)


From: Steven Hill <steve () covertsystems org>
Date: Tue, 23 Mar 2004 20:15:58 +1100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hello,

"Analysis of the Exploitation Processes" (.pdf)


"Covert Systems Research" has drafted together a tutorial defining
several of the common types of vulnerabilities together with their
counterpart command line exploit sequences. The descriptions of
these types of vulnerabilities range from stack to heap, function
pointer and format string weaknesses.

This draft holds reasonably documented methods to exploitation of
those types of vulnerabilities through the use of several command
line exploit sequences. This will provide the exploit developer a
more in-depth understanding of how an exploitation method works.

Given this information, Proof-of-Concept code should be easier
to develop while also giving the reader a greater satisfaction
upon its creation.

This whitepaper has been developed to help those seeking to improve
their exploitation skills while also aiming to give the reader the
knowledge for a more surgical aspect to manipulating vulnerable
programs. This paper, however, does not intend to be complete or
comprehensive, but rather to be an addition to a person's E-shelf.

Covert Systems Research will take kindly to any constructive
criticism regarding this draft & any comments are welcome.

http://www.covertsystems.org/archives/misc-papers/csr-exploitation.pdf

Topics Covered:

Stack overwrite
Heap overwrite
Function pointer overwrite (.bss)
Format string
Return-to-libc


Enjoy,
~     SolarIce

- --

~ ---=[ Covert Systems Research ]=-----------------------------//
~ = www.covertsystems.org                                      -
~ = Exploit Research & Development                             -
~ = Specializing in Linux & UNIX Systems                       -
~ --------------------------------------------=[ SolarIce ]=---//

~ --The more one reads & learns, the less the other person knows.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3rc2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFAYABNKq9kGAk9yF8RAgYYAKCMNz6R+T+yeVEMMU3n4RrS4nR1oACgvUy0
ASsBv2RU51Mso/vskBa0weE=
=mmbq
-----END PGP SIGNATURE-----
