First of all I would like to thank the Phrack articles, their authors and other security researchers for teaching me about different exploit techniques, without whom none of these posts would have been possible!! I firmly believe that the original reference articles are always the best place to learn stuff. But at times we may struggle to understand them, because they may not be linear and may be outdated too. So, to the best of my efforts, here I have simplified and consolidated different exploit techniques under one roof, in order to give beginners a complete understanding of Linux exploit development!! Any questions, corrections and feedback are most welcome!! Now buckle up, let's get started!! I have divided this tutorial series into three levels:
Level 1: Basic Vulnerabilities
In this level I will introduce basic vulnerability classes, and we will also travel back in time to learn how Linux exploit development was carried out back then. To achieve this time travel on a current Linux operating system, I have disabled many security protection mechanisms (like ASLR, stack canaries, NX and PIE). So in a sense this level is kids' stuff; no real fun happens!!
Level 2: Bypassing Exploit Mitigation Techniques
In this level let's get back to the present day, to learn how to bypass different exploit mitigation techniques (like ASLR, stack canaries, NX and PIE). Real fun does happen here!!
Level 3: Heap Vulnerabilities
In this level let's time travel back and forth, to learn about heap memory corruption bugs:
- Heap overflow using unlink
- Heap overflow using Malloc Maleficarum
- Off-By-One (Heap Based)
- Use After Free
NOTE: The above list is NOT complete. A few more topics need to be covered. I am working on them, so expect them to be posted soon!!
nice article!! thanks
Thanks for reading!!
The articles are great! Keep writing 🙂
Reblogged this on Stuff with Aurum and commented:
Amazing tutorials for linux exploit development!
It’s “Use After Free” not “User After Free” on this page.
XD
ha ha corrected!!
Thanks for this excellent series (Level 3 is perfect)
All in One PDF:
Details:
File: Linux (x86) Exploit Development Series.pdf
Pages: 164
Size: 4.1 MB
CRC-32: d62360f5
MD4: f839f7d6ccc0c4c61846242a64a448f4
MD5: 1df6744fe419ca9e584723ad1fa79dd0
SHA-1: c117208aceded332cea96e0afa4dd33f91314b93
Download:
http://www.4shared.com/office/kRoeVlaMce/Linux__x86__Exploit_Developmen.html
Regards
NO-MERCY
Somebody was asking for a PDF of my blog posts. Here you go!!
Thanks a lot NO-MERCY!!!
I made the Final Dark Edition PDF, with a cover and all code syntax-highlighted,
and other things corrected.. hope you like it
All Rights Re(V)ersed 🙂
Details:
File: Linux (x86) Exploit Development Series _ Final Black.pdf
CRC-32: 5efc67a5
MD4: 8a7f2415918cf8bb1e94dcda68bf1608
MD5: 2142e345fad13acdfcea20ea85f23ce0
SHA-1: 7ae65d6515136e9e912be94a0e0013b056071639
Pages: 107
Size: 10.4 MB
Download:
http://www.4shared.com/office/z_aBvrF9ba/Linux__x86__Exploit_Developmen.html
Great articles! thx!
Really nice and helpful blog!!! Really like it~ Thanks.
Great articles! I want to know, will you write new articles about x64 program exploits, and the analysis of real-world vulnerabilities? Thanks a lot!
x64 NO. But new CVE vulnerability analysis is on plan. Let's see if I get there!! 😉
good article~:)
great tutorial series! subscribed, and hope there’s more to come.
thx a lot.
Hi mate! When will you pull out new tutorials? It’s been years :D! Keep up the great work!
Why no more posts?