security - What are some advanced and modern resources on exploit writing? -

-

I have read and finished both, and both of them were illuminating their way, but I still have lots of I feel like techniques and information presented like that which is somewhat old.

When the infamous Faraq article was written in 1996, how do I consider computer security "golden age".

It was relatively easy to write exploits in later years. Some basic knowledge in C and Assembly was necessary to overflow the buffer and execute some arbitrary shell code on the victim machine.

To keep it lightweight, things are more complex now, security engineers have to struggle with such things, such as, heap cookies, and more

You can not organize most buffer-growing exploits in this tutorial without writing these events.

With a flock of flag to close modern security.

Now if you want to write an exploitation then you have to find ways to stop DEP, spray the heap with your shell-code hundreds of times and try a random memory location near your shellcode Planted Not to mention the prevalence of managed languages ​​in use today, when it comes to vulnerabilities, it is safer.

I am moving forward to keep my security knowledge beyond a toy-exploitation for a decade old system. I am having trouble finding resources which help solve the issues of writing in the face of all the security given above.

Challenges of writing exploitation for modern systems devoted to conflict with more advanced and popular papers, books or other resources?

You have mentioned that 'Staging the Stack' research-wise before publishing this article It was only published. The Morris worm of the late 80s used it (to take the IIRC finger in the finger) at that time it was a big stir because every server back was written in optimistic C.

It took some (10 or so) years, but gradually all people have to face public-server.

Servers written in C were subject to multiple security analysis, and server-side processing was split into other languages ​​and runtime.

Different The server is not considered to be a big goal. These days it is big fish. Hijack the client and the server will allow you to operate under the client's credentials.

The scenario has changed.

Personally I am a sparse fan of assembly playing game. I do not have any practical use for them, but if you want to join, then I recommend checking the Metasplight source and reading their mailing lists. They do a lot of crazy stuff and this is all in the open.


Comments

Post a Comment

Popular posts from this blog

c# - How to capture HTTP packet with SharpPcap -

-
I would like to capture all incoming HTTP packets on my machine. To do this, I am using SharpPcap which is a WinPcap The cover is. SharpPcap works very well, but it captures TCP packets and what it wants to do for me is a very low level. Does anyone know how can I easily get full HTTP requests / reactions from all these TCP packets? Thanks SharpPcap is already able to capture the packet in the same way That's what the virus does (just in the code instead of the GUI). And you can either either parse them directly or you can put them in the drive in the common .pcap file format. The steps to parse the capture are: Open a connection at any time Loop a while Or start capturing using an event callback Parsing the raw packet for the type you want If you are reading .PPP dump files In addition to calling you an offline capture reader is almost the same, there is no need to select an interface, and you can set the majority There is no need to do the modes. All st
Read more

jquery - SimpleModal Confirm fails to submit form -

-
I am trying to confirm jQuery to show yes / no confirmation when I submit a form. I had modified (in the last list) to capture and block form submissions. However, it only works with jQuery 1.2.6, a recent upgrade stops 1.3.2, if yes is clicked, then by submitting the form. But I can not understand what is wrong / inconsistent in my code now. Demo (which works in both versions of a simple window.href implementation). $ (document) .ready (function () {$ ('input.delete'). Click (function (e) {e.preventDefault (); var target = $ (e .target); Confirm ("Really delete this event?", Function () {target.click ()});});}); How about something like this? The idea of ​​catching clicks (and fire!) On the submitted event is not click event. $ (document) .ready (function () {$ ('# myForm'). Submit (function () {var f = this; Confirm (" Remove? ", Function () {$ (f). Submit ();}) Return; Return the initial session;}}}}; Hope That this is som
Read more

php - Multiple Select with Explode: only returns the word "Array" -

-
By using Wordpress I have created a multiple selection box so that users can select categories to exclude. When the page is initially loaded, I see my predefined default option. However, when I select a new value and I save ... I only see the word "Array" and have not chosen anything else? & lt; Class = "amultiple" id = "& lt; php echo $ value ['id'] ;? gt;" name = "& gt; php echo $ value ['id'] ;; gt; []" Multiple = "multiple" size = "8" & gt; & Lt ;? Php global option; Foreign currency ($ value as value $) {if (get_settings ($ value ['id']) === FALSE {$$ value ['id'] = $ value ['std']; } And {$$ value ['id'] = get_settings ($ value ['id']); }} $ Ranges = & amp; Amp; Categories ('type = post & orderbiz = name & amp; hide_empty = 1'); If ($ ranges) {$ ex_cat = implode (',', $ tt_cat_exclude); Forex Currency ($ range a
Read more