Linux (x86) Exploit Development Series
Level 1: Basic Vulnerabilities
Classic Stack Based Buffer Overflow
VM Setup: Ubuntu 12.04 (x86)
Copying a source buffer into a destination buffer can result in an overflow when:
The source string length is greater than the destination string length.
No size check is performed.
What is arbitrary code execution?
It allows an attacker to execute their own code in order to gain control of the victim machine.
Method
spawning a root shell
adding a new user
opening a network port
Integer Overflow
Off-By-One (Stack Based)
Level 2: Bypassing Exploit Mitigation Techniques
Bypassing NX bit using return-to-libc
Bypassing NX bit using chained return-to-libc
Heap overflow using unlink
Heap overflow using Malloc Maleficarum
Off-By-One (Heap Based)
Use After Free
Bypassing ASLR
Part I using return-to-plt
Part II using brute force
Part III using GOT overwrite and GOT dereference
Level 3: Heap Vulnerabilities