Hacking Team: a zero-day market case study edit / delete

"This article documents Hacking Team's third-party acquisition of zero-day (0day) vulnerabilities and exploits. The recent compromise of Hacking Team's email archive offers one of the first public case studies of the market for 0days."

to economics exploit security ... on 15 September 2016

main is usually a function: Writing kernel exploits edit / delete

A nice introduction, along with some of the mitigations (circa 2012).

to exploit kernel linux security ... on 28 February 2016

Blind Return Oriented Programming (BROP) edit / delete

"Evolving" an ROP attack against an automatically-restarting server. This works by finding two gadgets whose behaviour you can distinguish (e.g. crashing vs. hanging), then constructing ROP chains that will have different behaviour depending on how many items are popped, then trying lots of addresses and combinations of arguments to find gadgets. Neat!

to buffer-overflow exploit rop security ... on 29 June 2015

Browser bookmarks: tasty+ | tasty= Log in | Export | Atom

Tags related to exploit

- exploit
1 + buffer-overflow
1 + economics
1 + kernel
1 + linux
1 + rop
3 + security