Exploiting FreeList[0] on XP SP2
|
Bret Moore | English.ZIP pdf with source |
|
Aleph One |
Phrack Magazine 49, Fall 1997 |
English Español Russian Source |
|
Plasmoid |
THC Magazine #3, 1996 |
English Español |
Good text. |
|
Smith,Nathan P. |
May 7, 1997 |
Text File |
Good. |
Advanced buffer overflow exploit. |
Taeho Oh |
http://ohhara.4dl.com/ |
EnglishEspañol |
. |
|
Mudge |
Lopht November 1995 |
HTML |
Good text. |
|
Pierre-Alain FAYOLLE, Vincent GLAUME |
ENSEIRB Networks and Distributed Systems 2002 |
English-HTML PDF |
Gera said it isn´t good. |
Overflowing Buffers. |
David LeBlanc |
June 2000 |
HTML |
- |
buffer overflows for the kidz (x86 platforms) |
teleh0r@doglover.com |
http://teleh0r.cjb.net |
EnglishEspañol |
- |
how to code stack based exploits |
dethy@synnergy.net |
March 2000 |
Text |
- |
|
Mudge |
Lopht October 1996 |
Good text. |
|
Lamagra |
http://bounce.to/unah16 |
Text File |
. |
|
Mixter |
- |
Text File |
Security under Linux : the Buffer Overflow Problem |
Willy Tarreau |
November 1997 |
HTML files |
- |
|
Lefty |
- |
Text File |
|
Olivier Crete |
Junary 2001 |
PDF(FRENCH) |
College-level introduction on buffer overflows and their solutions. |
|
Murat Balaban |
2001 |
English Turkish |
|
The Itch / BsE |
1999 |
English-part1 English-part2 Dutch-part1 Dutch-part2 |
Writing Buffer Overflow Exploits with Perl |
teleh0r@doglover.com |
2000 |
English |
Buffer Overflows On the SPARC Architecture |
David Litchfield,@stake |
2001 |
English-MSWordDoc.zip |
Using Environment for returning into Lib C |
Elie aka Lupin Bursztein |
February 2002 |
English-HTML |
Non-stack Based Exploitation of Buffer Overrun Vuln. on Windows NT/2000/XP |
David Litchfield, NGSSoftware Insight Security Research |
March 2002 |
English-PDF |
|
DilDog [cDc] |
http://www.cultdeadcow.com/cDc_files/cDc-351/ |
Good. |
|
dark spyrit (Barnaby Jack) |
Phrack Magazine 55(15), May 2000 |
Text File Español |
Good text. |
|
Jason Jordan |
- |
Text File |
Good text. |
Windows NT Buffer Overruns |
David Litchfield (Mnemonix) |
1999 |
HTML
RAS Buffer Overrun Exploit and Tutorial
HTML Winhlp32 Buffer Overrun Exploit and Analysis |
Examples. |
Avoiding Buffer Overruns with String Safety |
David LeBlanc |
June 2000 |
HTML |
- |
|
dark spyrit (Barnaby Jack) |
Phrack Magazine 55(8), May 2000 |
English Español |
Good text. |
Heap Overflows. |
Matt Conover(Shok) & w00w00 Security Team |
January 1999 http://www.w00w00.org/articles.html |
Text Source Files |
Good |
__atexit in memory bugs |
Pascal Bouchareine |
Bugtraq, December 2000 |
Text |
Specific proof of concept with statically linked binaries and heap overflows. |
Overwriting the .dtors section. |
Juan M. Bello Rivas |
TextRussian |
This paper presents a concise explanation
of a technique to gain control of a C program's flow of execution given
that it has been compiled with gcc. This text assumes that the reader is
familiar with general overflow
techniques and the ELF format. |
|
Lamagra |
http://bounce.to/unah16 |
Text File |
How to call system() to execute a shell exploiting a buffer overflow. |
|
Esa Etelavuori |
December 2000 |
English |
Buffer overflow exploit in the alpha linux. |
Taeho Oh |
http://ohhara.4dl.com/ |
English Español |
m68k buffer overflows |
Lamagra |
http://bounce.to/unah16 |
English |
Linux ppc |
Smashing C++ VPTRS |
rix |
Phrack Magazine 56(08), Janary 2000 |
Text |
Taking Advantage of non-terminated adjacent memory spaces. |
twitch |
Phrack Magazine 56(14), Janary 2000 |
Text Español |
strncpy(name, hname, sizeof name) isn't so secure.... read it |
Local root exploit in LBNL traceroute. (wrong call to free bug) |
Michel "MaXX" Kaempf |
November 2000 |
Text |
Example of exploiting incorrect calls to free() bugs to execute arbitrary code. |