neox Posted July 13, 2015 Report Posted July 13, 2015 First of all I would like to thank phrack articles, its author and other security researchers for teaching me about different exploit techniques, without whom none of the posts would have been possible!! I firmly believe that always original reference articles are the best place to learn stuffs. But at times we may struggle to understand it because it may be not be linear and it may be outdated too. So to the best of my efforts, here I have just simplified and conglomerated different exploit techniques under one roof, inorder to provide a complete understanding about linux exploit development to beginners!! Any questions, corrections and feedbacks are most welcomed!! Now buckle up, lets get started!! I have divided this tutorial series in to three levels:Level 1: Basic VulnerabilitiesIn this level I will introduce basic vulnerability classes and also lets travel back in time, to learn how linux exploit development was carried back then. To achieve this time travel, with current linux operating system, I have disabled many security protection mechanisms (like ASLR, Stack Canary, NX and PIE). So in a sense this level is kids stuff, no real fun happens!! Classic Stack Based Buffer Overflow Integer Overflow Off-By-One (Stack Based)Level 2: Bypassing Exploit Mitigation Techniques In this level lets get back to current days, to learn how to bypass different exploit mitigation techniques (like ASLR, Stack Canary, NX and PIE). Real fun do happen here!! Bypassing NX bit using return-to-libc Bypassing NX bit using chained return-to-libc Bypasing ASLR Part I using return-to-plt Part II using brute force Part III using GOT overwrite and GOT dereferenceLevel 3: Heap VulnerabilitiesIn this level lets time travel back and forth, to learn about heap memory corruption bugs. Heap overflow using unlink Heap overflow using Malloc Maleficarum Off-By-One (Heap Based) User After FreeNOTE: The above list is NOT a complete list. Few more topics needs to be covered up. I am working on it, so expect it to be posted soon!!https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/ 1 1 Quote
NO-MERCY Posted July 15, 2015 Report Posted July 15, 2015 Damn .... Heap Section (Level 3) it's Perfect ... Quote
NO-MERCY Posted July 24, 2015 Report Posted July 24, 2015 (edited) ok ... Now All IN One PDF By ; NO-MERCY Details : File : Linux (x86) Exploit Development Series.pdf Pages : 164 Size : 4.1 MB CRC-32: d62360f5 MD4: f839f7d6ccc0c4c61846242a64a448f4 MD5: 1df6744fe419ca9e584723ad1fa79dd0 SHA-1: c117208aceded332cea96e0afa4dd33f91314b93Download RegardsNO-MERCY Edited October 31, 2015 by NO-MERCY Img Link Updated 1 Quote
M2G Posted July 24, 2015 Report Posted July 24, 2015 @NO-MERCY Can you make some mirrors? I don't want to create a 4shared account or link any of my social media accounts.Thanks! Quote
Active Members MrGrj Posted July 24, 2015 Active Members Report Posted July 24, 2015 @NO-MERCY Can you make some mirrors? I don't want to create a 4shared account or link any of my social media accounts.Thanks!Daca faci rost de ceva mirrored, da-mi si mie un tag in post-ul asta te rog Quote
NO-MERCY Posted October 31, 2015 Report Posted October 31, 2015 Hello RST : Final Dark Pdf Edition Completed All Code Syn-taxed Cover : Details : File: Linux (x86) Exploit Development Series _ Final Black.pdf CRC-32: 5efc67a5 MD4: 8a7f2415918cf8bb1e94dcda68bf1608 MD5: 2142e345fad13acdfcea20ea85f23ce0 SHA-1: 7ae65d6515136e9e912be94a0e0013b056071639Pages: 107Size: 10.4 MBDownload : 4SHARED Link Best Regards NO-MERCY 1 Quote