04 Jun 2017
Return Oriented Programming (ROP) is one of the classic exploitation techniques used to bypass the NX (non-executable memory) protection. Microsoft has incorporated NX as DEP (Data Execution Prevention), and Linux and other systems enforce it as well, which means that with this protection you can no longer place shellcode on the heap/stack and have it execute just by jumping to it. So now, to be able to execute code, you jump into pre-existing code (main binary,...
27 May 2017
Here, we take a look at "advanced" fuzzing (in comparison to a blind
fuzzer, as described in my "Basics of Fuzzing" note). While it also
modifies/mutates bytes, it does so in a slightly smarter way
than the blind "dumb" fuzzer.
20 Apr 2017
What is a fuzzer, in the first place? And why do we use it?
07 Apr 2017
Of course, when programming, all of us use abstractions, whether they
be classes and objects, or functions, or meta-functions, or
polymorphism, or monads, or functors, or all that jazz. However, can
we really have such a thing during exploitation? Obviously, we can
exploit mistakes that are made in implementing the aforementioned
abstractions, but here, I am talking about something different.
06 Apr 2017
While simple format string vulnerabilities are becoming relatively
less common these days, every once in a while, we come across some
interesting cases in either CTFs or (less likely) real world programs,
where having a better understanding of how to attack these
vulnerabilities helps immensely.