Nytro Posted October 29, 2020 Report Share Posted October 29, 2020 Linux (x86) Exploit Development Series Posted on June 26, 2015 by sploitfun First of all I would like to thank phrack articles, its author and other security researchers for teaching me about different exploit techniques, without whom none of the posts would have been possible!! I firmly believe that always original reference articles are the best place to learn stuffs. But at times we may struggle to understand it because it may be not be linear and it may be outdated too. So to the best of my efforts, here I have just simplified and conglomerated different exploit techniques under one roof, inorder to provide a complete understanding about linux exploit development to beginners!! Any questions, corrections and feedbacks are most welcomed!! Now buckle up, lets get started!! I have divided this tutorial series in to three levels: Level 1: Basic Vulnerabilities In this level I will introduce basic vulnerability classes and also lets travel back in time, to learn how linux exploit development was carried back then. To achieve this time travel, with current linux operating system, I have disabled many security protection mechanisms (like ASLR, Stack Canary, NX and PIE). So in a sense this level is kids stuff, no real fun happens!! Classic Stack Based Buffer Overflow Integer Overflow Off-By-One (Stack Based) Level 2: Bypassing Exploit Mitigation Techniques In this level lets get back to current days, to learn how to bypass different exploit mitigation techniques (like ASLR, Stack Canary, NX and PIE). Real fun do happen here!! Bypassing NX bit using return-to-libc Bypassing NX bit using chained return-to-libc Bypasing ASLR Part I using return-to-plt Part II using brute force Part III using GOT overwrite and GOT dereference Level 3: Heap Vulnerabilities In this level lets time travel back and forth, to learn about heap memory corruption bugs. Heap overflow using unlink Heap overflow using Malloc Maleficarum Off-By-One (Heap Based) Use After Free NOTE: The above list is NOT a complete list. Few more topics needs to be covered up. I am working on it, so expect it to be posted soon!! Sursa: https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/ Quote Link to comment Share on other sites More sharing options...
