[[-basic overflow papers-]]

[-name-] | [-description-] | [-author-] |
art-shellcode.txt | "Hopefully you are familiar with generic shell-spawning shellcode. If not, read Aleph's text "Smashing The Stack For Fun And Profit" before reading further. This article will concentrate on the types of shellcode needed to exploit daemons remotely. Generally it is much harder to exploit remote daemons, because you do not have many ways of finding out the configuration of the remote server. Often the shellcode has to be much more complicated, which is what this article will focus on." | Smiler |
bufero.txt | Mudge's "reminder note" to himself on writing overflows, AT&T-syntax assembly, and gdb tricks; includes lots of commentary. | mudge |
buffer.txt | A walkthrough of detecting whether a program is vulnerable to a buffer overflow, exploiting it, and writing shellcode. Written with the beginner in mind. | Ghost_Rider |
exploit.txt | Aims to teach the novice-to-average C programmer how an overflow condition can be proven to be exploitable. | Mixter |
heaptut.txt | "This article explains how heap/BSS-based (data segment) overflows are fairly common in programs today; yet, they are rarely reported. Provided in this article is an explanation of heap-based overflows along with several methods of exploitation, demonstrations, and possible solutions/fixes to the problem." | Matt Conover |
overflow_tutorial.txt | Brief introduction; does not cover writing shellcode. | QuantumG |
overflows.txt | A guide to writing simple buffer-overflow exploits for x86 *nix. It intends to teach the basics of buffer overflows to the average C programmer without requiring detailed knowledge of assembly. FreeBSD 4.2-RELEASE is used to demonstrate the procedures. | fides |
p49-14.txt | Phrack 49, article 14 ("Smashing The Stack For Fun And Profit"). Explains what buffer overflows are and how their exploits work. Basic knowledge of assembly language is required; an understanding of virtual memory concepts and experience with gdb are very helpful but not necessary. The creation of NULL-free shellcode is demonstrated, and generic shellcode for several platforms and architectures is included at the end of the document. | Aleph One |
perl-buffer.txt | Writing buffer-overflow exploits with Perl. | teleh0r |
stealthcode.txt | Many intrusion detection systems look for buffer-overflow attempts on the wire by searching for runs of the x86 NOP (no-operation) instruction, encoded as 0x90. A NOP sled only has to carry execution forward to the next instruction without disturbing the payload, and the same effect can be had with other instructions, for example a jump to the very next instruction (jmp 0x00). Working shellcode without binary zeros (0x00) is included at the end of the article. | Xtremist |
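Added example (editor's code, not taken from any of the papers listed above): a naive "count consecutive 0x90 bytes" detector of the kind stealthcode.txt describes, run against a classic NOP sled and against a sled built from other single-byte 32-bit x86 instructions, together with the null-byte check that the NULL-free shellcode in p49-14.txt is about. The inc/dec opcode table, the LCG used to vary the sled, the alert threshold of 16 and the seed are the editor's choices, not anything from the articles. One caveat a practitioner will want: a short relative jump to the very next instruction (jmp +0) encodes as EB 00 on x86, so it avoids 0x90 but reintroduces a null byte; the alternative sled below therefore uses inc/dec instructions instead, which are one byte each and null-free.

```c
/* nop_sled_detect.c - added example. Build with: cc -std=c99 -o nsd nop_sled_detect.c */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define X86_NOP 0x90

/* Single-byte 32-bit x86 instructions that advance EIP by one byte.
 * Opcodes 0x40-0x4F are inc/dec r32 in 32-bit mode (in 64-bit mode they are
 * REX prefixes, so this table is 32-bit only). Excluded on purpose:
 * 0x40/0x48 (inc/dec eax, often the syscall number) and 0x44/0x4C
 * (inc/dec esp, which must not move under the payload). Editor's choice. */
static const uint8_t alt_sled_ops[] = {
    0x41, /* inc ecx */
    0x42, /* inc edx */
    0x43, /* inc ebx */
    0x46, /* inc esi */
    0x47, /* inc edi */
    0x49, /* dec ecx */
    0x4A, /* dec edx */
    0x4B, /* dec ebx */
};

/* The "jump to the next instruction" alternative: jmp short +0 is EB 00. */
const uint8_t jmp_next_insn[] = { 0xEB, 0x00 };

/* Longest run of one byte value in buf: what a naive IDS signature measures. */
size_t longest_byte_run(const uint8_t *buf, size_t len, uint8_t value)
{
    size_t best = 0, cur = 0;
    for (size_t i = 0; i < len; i++) {
        cur = (buf[i] == value) ? cur + 1 : 0;
        if (cur > best)
            best = cur;
    }
    return best;
}

/* Naive IDS rule: alert if >= threshold consecutive 0x90 bytes are seen. */
int naive_nop_sled_alert(const uint8_t *buf, size_t len, size_t threshold)
{
    return longest_byte_run(buf, len, X86_NOP) >= threshold;
}

/* Classic sled: n bytes of 0x90. */
void build_classic_sled(uint8_t *out, size_t n)
{
    memset(out, X86_NOP, n);
}

/* Alternative sled: n bytes drawn from alt_sled_ops. A small LCG varies the
 * pattern per seed while keeping the build deterministic (editor's choice). */
void build_alt_sled(uint8_t *out, size_t n, uint32_t seed)
{
    uint32_t state = seed;
    for (size_t i = 0; i < n; i++) {
        state = state * 1664525u + 1013904223u;
        out[i] = alt_sled_ops[(state >> 24) % sizeof alt_sled_ops];
    }
}

/* Null-byte check for payloads delivered through a string copy: a 0x00
 * anywhere in the sled or shellcode truncates the copy at that point. */
int contains_null_byte(const uint8_t *buf, size_t len)
{
    return memchr(buf, 0x00, len) != NULL;
}

int main(void)
{
    enum { SLED_LEN = 64, THRESHOLD = 16 };
    uint8_t classic[SLED_LEN], alt[SLED_LEN];

    build_classic_sled(classic, SLED_LEN);
    build_alt_sled(alt, SLED_LEN, 0xC0FFEEu);

    printf("classic sled: longest 0x90 run=%zu alert=%d has_nul=%d\n",
           longest_byte_run(classic, SLED_LEN, X86_NOP),
           naive_nop_sled_alert(classic, SLED_LEN, THRESHOLD),
           contains_null_byte(classic, SLED_LEN));
    printf("alt sled:     longest 0x90 run=%zu alert=%d has_nul=%d\n",
           longest_byte_run(alt, SLED_LEN, X86_NOP),
           naive_nop_sled_alert(alt, SLED_LEN, THRESHOLD),
           contains_null_byte(alt, SLED_LEN));
    printf("jmp +0 (EB 00): has_nul=%d\n",
           contains_null_byte(jmp_next_insn, sizeof jmp_next_insn));
    return 0;
}
```

The detector is deliberately the weakest possible one; it shows why a 0x90-only signature is trivially bypassed, not how a real IDS should work. A sled of mixed inc/dec bytes still has a recognisable byte distribution, so a detector that scores runs of any single-byte x86 opcode, rather than only 0x90, catches it again, which is the arms race stealthcode.txt and later polymorphic-sled tools sit in.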