IT security community: Blogs home

Windows Heap Overflow Tutorial

SkillTutos — Mon, 19 Apr 2010 13:35:44 +0200

Soon, we start with our Windows Heap Overflow Tutorial. If you think stack overflows are difficult to understand and exploit, stop reading here. Heap Overflows once were easy to exploit. The so-called "4-Byte Overwrites" are gone. Before we continue with Win XP SP2 or higher, we first start with exploit examples on Windows 2000. As a starting point, we recommend to read the following papers on this topic:

- "Third Generation Exploitation" by Halvar

- "Windows Heap Overflows" by David Litchfield

- "Reliable Windows Heap Exploits" by Matt Conover & Oded Horovitz

- "Memory Corruption Part II - Heaps" by Mario Hewardt and Daniel Pravat

Format String Vulnerability Tutorial

SkillTutos — Sat, 03 Apr 2010 16:30:39 +0200

In this thread, we explain another class of bugs: Format String Vulnerabilities. The target OS is Windows and Mac OS X.

Security stuff we read

SkillTutos — Tue, 30 Mar 2010 20:08:36 +0200

In this blog, we discuss or link to articles, blogs etc. that we find interesting.

Windows Stack Overflow Tutorial

SkillTutos — Sun, 28 Mar 2010 17:27:51 +0200

Today, exploiting software vulnerabilities isn't easy anymore. For beginners, it is almost impossible to understand modern exploitation techniques. There are too many countermeasures implemented and it is hard to catch up with today's attack techniques.

Altough stack overflows are almost gone, at least in professional software products, beginners should start with such "easy" techniques first. This tutorial explains stack overflow vulnerabilities in more detail. We will also discuss and demonstrate how easy or hard it is to bypass countermeasures such as DEP or ASLR. We also talk about heap spraying, binary diffing or how to bypass DEP and ASLR at the same time.

Have fun...