Exploitation 102-103
Owen Redwood
Offensive Computer Security 2.0
http://hackallthethings.com/
Outline
● The Foundations of writing Shellcode
  ○ how is it written
    ■ examples
    ■ Linux
    ■ how it is used
    ■ position independence
● Win32 Process memory Map
  ○ How it differs from Linux process memory map
● Heap exploitation
  ○ Heap Spray
  ○ Buffer overflow on heap
  ○ Use after free
● Format String Exploitation
  ○ Couple of demos
● Executable Security Mechanisms
  ○ Stack cookies, ASLR, DEP/NX, Safe SEH, SEHOP
  ○ ways to bypass them
$|-|3|_|_(0])3
(Because I don't train script kiddies)
-Main Sources:
The Shellcoder's Handbook
Hacking: The Art of Exploitation
Why?
Tools
● Hexedit (or hex editor of your choice)
● nasm ("netwide" assembler for x86)
● objdump (displays object file information)
● gcc
● gdb
● ld (the GNU linker)
● dd (extracting raw data (i.e. shellcode) from compiled binaries)
and most importantly:
a shellcode tester
https://github.com/hellman/shtest
Generic tool that tests whether shellcode performs as expected
■ simple shellcode
■ networking shellcode
■ etc...