Collaborate Disseminate
I’m working on an exploit development challenge right now in which I’ve been presented with a compiled binary and I have to exploit it on a remote server. No stack protections have been enabled and ASLR is disabled. I’ve writ… Continue reading Remote Buffer Overflow w/out Memory Leak
I am starting to learn about ARM assembly from https://azeria-labs.com/writing-arm-shellcode/ and I want to practise receiving data from a socket. This is a code snippet of what I am learning so far. The testing is done on a … Continue reading ARM Assembly and Shellcode (using recv)
I’m trying to overwrite a return address by using buffer overflow.
1 #include <stdio.h>
2 #include <string.h>
3
4 void jumphere(){
5 printf(“SUCCESS!!”);
6 }
7
8 int main(int argc, char** ar… Continue reading How to overwrite \x00 on the memory address
Ihave intermediate file during x32dbg processing with some unknown format. The few starting bytes of encoded file is:
2E 08 31 5F 63 52 A1 5F 2D 08 31 5F 2A 08 31 5F D1 F7 31 5F 96 08
31 5F 2E 08 31 5F 6E 08 31 5F 2E 08 3… Continue reading Which decoding is used by x32dbg durring debuging a file?
these days i’m interested in learning how metasploitable payloads works deep down.
I’m not new to programming and luckly metasploitable comprehend a lot of interesting payloads with all the relevant source code.
However i’v… Continue reading ASM source code explaination of a general payload such as shell_reverse_tcp.asm
C-programmers who don’t have a mental model of what’s going on underneath their thin veneer of abstraction above assembly code are destined for trouble. In order to provide a convenient way to understand what C-code gets compiled to and how it runs on the machine, [Alex Beharrell] has created penguinTrace, …read more
Continue reading Examine Source Code to Assembly Mapping with penguinTrace
I’m working on an exploit for a course, where I finally have the EIP in my hands. My buffer is conveniently located at ESP and I could find a JMP ESP, which redirects the program flow to my buffer.
The only problem I have no… Continue reading Bufferoverflow development with EIP in control but forced to use a certain OPCODE
I’m trying to exploit the following code with a buffer overflow and make it run the overflowed function:
#include <string.h>
#include <stdio.h>
void overflowed() {
printf(“%s\n”, “Execution Hijacked”… Continue reading Problem with overwriting the return address (buffer overflow)
Every year for the past 35 years, the German Chaos Computer Club has met just after Christmas for a few days of “Spaß am Gerät” — having fun with the machines. And that’s everything from trying to bring an old PDP-8 back into running condition to forging new software to replace the old and busted social media platforms that permeate our lives. The sum total of around 17,000 people doing the nerdy stuff that they love, and sharing it together, is both amazing and inspiring. Four days of little sleep and much socializing later, I bet there was still another …read more
Continue reading 35C3: Biggest Communication Congress, Yet Little Chaos
Why would anyone bother to create new content for a console system that’s staring down its 40th birthday? Perhaps just for the challenge of fitting a game into 40 kilobytes of storage.
That at least seems to be the motivation behind [Morphcat Games] pending release of Micro Mages, a new game for the Nintendo Entertainment System console that takes its inspiration from Super Mario Bros. The interesting bit here is how they managed to stuff so much content into so little space. The video below goes into great detail on that, and it’s a fascinating lesson in optimization. …read more
Continue reading New Game, Old Ways: Cramming an NES Game into 40 kB