« earlier | later » Page 1 of 1
Hacking Team: a zero-day market case study edit / delete
"This article documents Hacking Team's third-party acquisition of zero-day (0day) vulnerabilities and exploits. The recent compromise of Hacking Team's email archive offers one of the first public case studies of the market for 0days."
main is usually a function: Writing kernel exploits edit / delete
A nice introduction, along with some of the mitigations (circa 2012).
Blind Return Oriented Programming (BROP) edit / delete
"Evolving" an ROP attack against an automatically-restarting server. This works by finding two gadgets whose behaviour you can distinguish (e.g. crashing vs. hanging), then constructing ROP chains that will have different behaviour depending on how many items are popped, then trying lots of addresses and combinations of arguments to find gadgets. Neat!
to buffer-overflow exploit rop security ... on 29 June 2015
« earlier | later » Page 1 of 1
- exploit | |
1 | + buffer-overflow |
1 | + economics |
1 | + kernel |
1 | + linux |
1 | + rop |
3 | + security |
tasty by Adam Sampson.