|
Exploiting FreeList[0] on XP SP2
|
| Brett Moore | English.ZIP pdf with source |
|
|
| Aleph One |
| Phrack Magazine 49, Fall 1997 |
| English Español Russian Source |
|
|
| Plasmoid |
| THC Magazine #3, 1996 |
| English Español |
| Good text. |
|
|
| Smith, Nathan P. |
| May 7, 1997 |
| Text File |
| Good. |
| Advanced buffer overflow exploit. |
| Taeho Oh |
| http://ohhara.4dl.com/ |
| English Español |
| . |
|
|
| Mudge |
| L0pht November 1995 |
| HTML |
| Good text. |
|
|
| Pierre-Alain FAYOLLE, Vincent GLAUME |
| ENSEIRB Networks and Distributed Systems 2002 |
| English-HTML PDF |
| Gera said it isn't good. |
| Overflowing Buffers. |
| David LeBlanc |
| June 2000 |
| HTML |
| - |
| buffer overflows for the kidz (x86 platforms) |
| teleh0r@doglover.com |
| http://teleh0r.cjb.net |
| English Español |
| - |
| how to code stack based exploits |
| dethy@synnergy.net |
| March 2000 |
| Text |
| - |
|
|
| Mudge |
| L0pht October 1996 |
| Good text. |
|
|
| Lamagra |
| http://bounce.to/unah16 |
| Text File |
| . |
|
|
| Mixter |
| - |
| Text File |
| Security under Linux : the Buffer Overflow Problem |
| Willy Tarreau |
| November 1997 |
| HTML files |
| - |
|
|
| Lefty |
| - |
| Text File |
|
|
| Olivier Crete |
| January 2001 |
| PDF (French) |
| College-level introduction on buffer overflows and their solutions. |
|
|
| Murat Balaban |
| 2001 |
| English Turkish |
|
|
| The Itch / BsE |
| 1999 |
| English-part1 English-part2 Dutch-part1 Dutch-part2 |
| Writing Buffer Overflow Exploits with Perl |
| teleh0r@doglover.com |
| 2000 |
| English |
| Buffer Overflows On the SPARC Architecture |
| David Litchfield, @stake |
| 2001 |
| English-MSWordDoc.zip |
| Using Environment for returning into Lib C |
| Elie aka Lupin Bursztein |
| February 2002 |
| English-HTML |
| Non-stack Based Exploitation of Buffer Overrun Vuln. on Windows NT/2000/XP |
| David Litchfield, NGSSoftware Insight Security Research |
| March 2002 |
| English-PDF |
|
|
| DilDog [cDc] |
| http://www.cultdeadcow.com/cDc_files/cDc-351/ |
| Good. |
|
|
| dark spyrit (Barnaby Jack) |
| Phrack Magazine 55(15), May 2000 |
| Text File Español |
| Good text. |
|
|
| Jason Jordan |
| - |
| Text File |
| Good text. |
| Windows NT Buffer Overruns |
| David Litchfield (Mnemonix) |
| 1999 |
| HTML
RAS Buffer Overrun Exploit and Tutorial
HTML Winhlp32 Buffer Overrun Exploit and Analysis |
| Examples. |
| Avoiding Buffer Overruns with String Safety |
| David LeBlanc |
| June 2000 |
| HTML |
| - |
|
|
| dark spyrit (Barnaby Jack) |
| Phrack Magazine 55(8), May 2000 |
| English Español |
| Good text. |
| Heap Overflows. |
| Matt Conover (Shok) & w00w00 Security Team |
| January 1999 http://www.w00w00.org/articles.html |
| Text Source Files |
| Good |
| __atexit in memory bugs |
| Pascal Bouchareine |
| Bugtraq, December 2000 |
| Text |
| Specific proof of concept with statically linked binaries and heap overflows. |
| Overwriting the .dtors section. |
| Juan M. Bello Rivas |
| Text Russian |
| This paper presents a concise explanation of a technique to gain control of a C program's flow of execution given that it has been compiled with gcc. This text assumes that the reader is familiar with general overflow techniques and the ELF format. |
|
|
| Lamagra |
| http://bounce.to/unah16 |
| Text File |
| How to call system() to execute a shell exploiting a buffer overflow. |
|
|
| Esa Etelavuori |
| December 2000 |
| English |
| Buffer overflow exploit in the alpha linux. |
| Taeho Oh |
| http://ohhara.4dl.com/ |
| English Español |
| m68k buffer overflows |
| Lamagra |
| http://bounce.to/unah16 |
| English |
| Linux ppc |
| Smashing C++ VPTRS |
| rix |
| Phrack Magazine 56(08), January 2000 |
| Text |
| Taking Advantage of non-terminated adjacent memory spaces. |
| twitch |
| Phrack Magazine 56(14), January 2000 |
| Text Español |
| strncpy(name, hname, sizeof name) isn't so secure.... read it |
| Local root exploit in LBNL traceroute. (wrong call to free bug) |
| Michel "MaXX" Kaempf |
| November 2000 |
| Text |
| Example of exploiting incorrect calls to free() bugs to execute arbitrary code. |