November 23rd, 2005, 02:03 PM
Writing Stack Based Overflows on Windows
So here's a prime example of what will go in the AO External Tutorial DB when it's finished but until then we'll keep throwing stuff on here..
Other articles on this same page include:
Part I – Basic Concepts
Part II - Windows Assembly for writing Exploits
Part III - Stack Overflows
Part IV – Shell Code Creation and Exploiting An Application Remotely
Appendix V – Source Code Used In Articles
The articles released this week introduce basic concepts of memory management, and assembly. Next week the next two articles will be released.
The articles also have a Mini Exercise section, the solutions for which will be provided on November 20th. If you would like us to put your solution in, please send us an email at articles[a-t]securitycompass.com with the subject solution in it. The best solution shall be published as a link here.
Exploiting And Defending Networks
Exploiting And Defending Web Applications
Analyzing Code for Security Defects
I haven't read it yet, but I plan on looking into it shortly (I have to pass my work day boredom somehow)
IT Blog: .:Computer Defense:.
(Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".
November 23rd, 2005, 05:42 PM
I have been following this since they released the first chapter a while back. It is a decent write-up, but it is not an end all/be all of stack overflows. It does give a great overview into the world of buffer overflows.
If you want to go further in depth on this topic then there are a couple of books that I would recommend if you are interested. The first is Buffer Overflow Attacks by James C. Foster and that has Nisha Bhalla (the guy that wrote the short papers linked) as a co-author.
The other one is also by James Foster and is called Sockets, Shellcode, Porting, and Coding : Reverse Engineering Exploits and Tool Coding for Security Professionals. This one is not directly pertaining to overflows but it gives great insight into security coding and links very well with the other book.
The second book is pretty hardcore, and assumes that you have some programming skills. The first one isn't nearly as difficult to follow for the novice programmer though it /does/ have some hard to follow sections.
All in all I say those two books will put you firmly on the course of finding and developing your own overflows. They also will give you a very good foundation for reviewing code in your organization and helping to secure any applications that your company may produce.
Give a man a match and he will be warm for a while, light him on fire and he will be warm for the rest of his life.
November 23rd, 2005, 10:54 PM
I read that Sockets, Shellcode, Porting, and Coding : Reverse Engineering Exploits and Tool Coding for Security Professionals a few months ago in Barnes & Noble. It was very very insightful. I never had the money to buy it though. (College student) As soon as I do save up a few I'm sure I'll add that book to my collection though.
"Do you know why the system is slow?" they ask
"It's probably something to do with..." I look up today's excuse ".. clock speed"