Make your own free website on Tripod.com
 
Exploiting FreeList[0] on XP SP2
Bret Moore
English.ZIP pdf with source
Smashing The Stack For Fun And Profit
Aleph One
Phrack Magazine 49, Fall 1997 
English Español Russian Source
Stack Overlflows exploits on LINUX/BSDOS/FREEBSD/SUNOS/SOLARiS/HP-UX
Plasmoid
THC Magazine #3, 1996
English Español
Good text.
Stack Smashing Vulnerabilities in the UNIX Operating System
Smith,Nathan P.
May 7, 1997 
Text File
Good.
Advanced buffer overflow exploit.
Taeho Oh
http://ohhara.4dl.com/ 
EnglishEspañol
.
How to write Buffer Overflows
Mudge
Lopht November 1995
HTML
Good text.
A Buffer Overflow Study Attacks & Defenses -
Pierre-Alain FAYOLLE, Vincent GLAUME
ENSEIRB Networks and Distributed Systems 2002
English-HTML PDF
Gera said it isn´t good.

 
Overflowing Buffers.
David LeBlanc
June 2000
HTML
-
buffer overflows for the kidz (x86 platforms)
teleh0r@doglover.com
http://teleh0r.cjb.net
EnglishEspañol
-
how to code stack based exploits
dethy@synnergy.net
March 2000
Text
-

 
Compromised - Buffer-Overflows, from Intel to SPARC Version 8
Mudge
Lopht October 1996 
PDF
Good text.

 
BUFFEROVERFLOWS 
Lamagra
http://bounce.to/unah16
Text File
.
Writing buffer overflow exploits - a tutorial for beginners 
Mixter
-
Text File
Security under Linux : the Buffer Overflow Problem
Willy Tarreau
November 1997
HTML files
-
Buffer Overruns, whats the real story? 
Lefty
-
Text File
Introduction de niveau collégial aux débordements de tamponset à leur solutions. 
Olivier Crete
Junary 2001
PDF(FRENCH)
College-level introduction on buffer overflows and their solutions.
Buffer Overflows
Murat Balaban
2001
English Turkish
Exploitation of Stack Based buffer overflows
The Itch / BsE
1999
English-part1 English-part2 Dutch-part1  Dutch-part2

 
Writing Buffer Overflow Exploits with Perl 
teleh0r@doglover.com
2000
English

 
Buffer Overflows  On the SPARC Architecture
David Litchfield,@stake
2001
English-MSWordDoc.zip
Using Environment for returning into Lib C
Elie aka Lupin Bursztein
February 2002
English-HTML

Windows
 
Non-stack Based Exploitation of Buffer Overrun Vuln. on Windows NT/2000/XP
David Litchfield, NGSSoftware Insight Security Research
March 2002
English-PDF
The Tao of Windows Buffer Overflow 
DilDog [cDc]
http://www.cultdeadcow.com/cDc_files/cDc-351/ 
Good.
Win32 Buffer Overflows (Location, Exploitation and Prevention).
dark spyrit (Barnaby Jack)
Phrack Magazine 55(15), May 2000 
Text File  Español
Good text.
WindowsNT Buffer Overflow's From Start to Finish
Jason Jordan
-
Text File
Good text.
Windows NT Buffer Overruns
David Litchfield (Mnemonix) 
1999
HTML RAS Buffer Overrun Exploit and Tutorial
HTML Winhlp32 Buffer Overrun Exploit and Analysis 
Examples.
Avoiding Buffer Overruns with String Safety
David LeBlanc
June 2000
HTML
-
Klog  -  The Frame Pointer Overwrite.
dark spyrit (Barnaby Jack)
Phrack Magazine 55(8), May 2000 
English Español
Good text.
Heap Overflows.
Matt Conover(Shok) & w00w00 Security Team
January 1999   http://www.w00w00.org/articles.html 
Text Source Files
Good
__atexit in memory bugs
Pascal Bouchareine
Bugtraq, December 2000
Text
Specific proof of concept with statically linked binaries and heap overflows.
 Overwriting the .dtors section.
Juan M. Bello Rivas
TextRussian
 This paper presents a concise explanation of a technique to gain control of a C program's flow of execution given that it has been compiled with gcc. This text assumes that the reader is familiar with general overflow
techniques and the ELF format.
The OMEGA project finished
Lamagra
http://bounce.to/unah16
Text File
How to call system() to execute a shell exploiting a buffer overflow.
 Exploiting Kernel Buffer Overflows FreeBSD Style
Esa Etelavuori
December 2000
English
Buffer overflow exploit in the alpha linux.
Taeho Oh
http://ohhara.4dl.com/ 
English Español
m68k buffer overflows 
Lamagra
http://bounce.to/unah16
English
Linux ppc
Smashing C++ VPTRS
rix
Phrack Magazine 56(08), Janary 2000 
Text
Taking  Advantage of non-terminated  adjacent memory spaces.
twitch
Phrack Magazine 56(14), Janary 2000 
Text Español
strncpy(name, hname, sizeof name) isn't so secure.... read it

 
Local root exploit in LBNL traceroute. (wrong call to free bug)
Michel "MaXX" Kaempf
November 2000 
Text
Example of exploiting incorrect calls to free() bugs to execute arbitrary code.