introduction to buffer overflows
Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: introduction to buffer overflows

  1. #1
    Senior Member
    Join Date
    Jun 2002
    Posts
    165

    introduction to buffer overflows

    i've gone through the tutorials myself, and seeing a lack of an original buffer overflow tutorial - i might as well post (err. link to) mine. it's designed as a supplement to "sts" for those who might not understand some of the core concepts presented there; while taking a slightly different approach to presentation, content, and even contains a slight modification to AlephOne's overflow design. there are a few tangents presented and the exploit work is perl based to appeal to a wider audience. feel free to comment and or criticize (as though i even need to give you permission). i've been through worse, and i'm sure not perfect, though i've edited and re-edited for errors as needed (even used capital letters where appropriate): further corrections and suggestions are always gladly accepted.


    http://droby10.addr.com/tutorial/bof/

    enjoy.
    -droby10

  2. #2
    Senior Member
    Join Date
    Jun 2002
    Posts
    165
    wow 10 minutes it's up and already negative points...so i'll address each in hopes of compromise:


    "It would be preffered that the tutorial be posted on the board, but I think that while the tutorial could be used by both White and Black hats it could prove useful and informative. "

    i understand and if i'm wrong in my assumptions, please let me know and i'll be happy to post it here instead - but the point of building the tutorial in the first place was to get away from the ascii diagrams that some have trouble with - the only real advantage to my tutorial over the vast others out there is that it presents the information in a manner that is based on illustration...given that i'm not an experienced antionline user, i would have trouble expressing the same information with the same impact. for those that are worried about visiting external unknown sites, i don't use images, javascript, or even server-side scripting - it's straight html.

    "yeah right, like you wrote this yourself, "

    i'm sorry you feel this way...maybe you'll take the time to read and rethink this one...maybe you won't.
    -droby10

  3. #3
    Junior Member
    Join Date
    Aug 2001
    Posts
    4
    AO is full of communist who think that they are better than everyone else. I haven't seen a forum of people so full of them selves before. I'd just like to say **** you to all the people who think there better than everyone else and peace out and AO sux
    http://impractical.go0.net

  4. #4
    Webius Designerous Indiginous
    Join Date
    Mar 2002
    Location
    South Florida
    Posts
    1,121
    Not another one.. Hmm.. Hopefully this won't kill your post droby10. If it does just start a new one. Looks like the new suicidal thread feature is gunna be tested.

  5. #5
    Banned
    Join Date
    Jun 2002
    Posts
    458
    Lol, yup. I wonder how long it will take, or how it picks the threads. Also, you shouldn't post a tutorial on exploits. You may want to exlpain them, for a good example on how to post exploits, check up on ntsa, he has posted some good ones and even gets positive points for them. Ask him how its done.

  6. #6
    Banned
    Join Date
    Jun 2002
    Posts
    40
    AO is full of communist who think that they are better than everyone else. I haven't seen a forum of people so full of them selves before. I'd just like to say **** you to all the people who think there better than everyone else and peace out and AO sux
    who is this guy? what a nut. i don't know about you guys but communism was a good idea, but it leads to dictatorship, so i don't like it. and AO doesn't suck.

  7. #7
    Senior Member
    Join Date
    Jun 2002
    Posts
    165
    Originally posted here by impractical
    AO is full of communist who think that they are better than everyone else. I haven't seen a forum of people so full of them selves before. I'd just like to say f*** you to all the people who think there better than everyone else and peace out and AO sux
    that's a new one...out of all the things i've been called before, 'communist' is definately the farthest stretch - but i'm glad to see that you don't see me as something more profane; i can live with 'communist'.

    as far as having an ego, yeah sure i'm secure in my capabilities...but i still have goals, ambitions, and am never content with said capabilities - would you believe that i even have people that i look up to. who knows, perhaps you'll be one of them.

    but, i'm most disturbed with your anger/frustration with so-called ego-centric communists being misdirected at AO. i came here. it was my choice; AO does not confine, encompass, or embrace me as a person, professional, or mindset with regards to economic and social activism - nor contribute or deny any self confidence i have for myself and others.

    if, in some way, my post/tutorial on buffer overflows offended you in a personal manner - please let me know so that i can appologize with reason and direction; rather than wondering what you read that you would allow yourself to get upset about....as i'm having a hard time finding the correlation between stack frames and communism.
    -droby10

  8. #8
    Senior Member
    Join Date
    Jun 2002
    Posts
    165
    Originally posted here by khakisrule
    Lol, yup. I wonder how long it will take, or how it picks the threads.
    hopefully at random....with the same odds i have for winning this weeks lottery.

    Also, you shouldn't post a tutorial on exploits. You may want to exlpain them, for a good example on how to post exploits, check up on ntsa, he has posted some good ones and even gets positive points for them. Ask him how its done.
    i'll see to do better on this in the future. i was trying to add something to the pile that was lacking, but sometimes i take for granted that others would use information in the same manner i choose to. thanks for the advice, and ntsa's tut's _are_ really good and much better positioned.
    -droby10

  9. #9
    Banned
    Join Date
    Jun 2002
    Posts
    458
    No prob.

  10. #10
    Banned
    Join Date
    Nov 2003
    Posts
    68
    man i know a Basic C programming
    so can u give me a Tutorial of C in what i need to learn this Buffer overflow

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides