Month: June 2015

Exploit Development: Stack Buffer Overflow – Bypass NX/DEP

In my previous blog post, I covered the development of a buffer overflow exploit for a simple vulnerable program with overflow protections disabled. In this post, I will demonstrate bypassing DEP/NX using return oriented programming.

Exploit Development: Stack Buffer Overflow

A stack buffer overflow occurs when a program writes more data to the stack than what is allocated to the buffer. This results in the extra data overwriting possibly important data in stack and causing the program to crash or to execute arbitrary code by possibly overwriting the instruction pointer and hence being able to… Continue reading Exploit Development: Stack Buffer Overflow

Metasploitable 2 Walkthrough: An Exploitation Guide

Metasploitable 2 The Metasploitable virtual machine is an intentionally vulnerable version of Ubuntu Linux designed for testing security tools and demonstrating common vulnerabilities. Version 2 of this virtual machine is available for download and ships with even more vulnerabilities than the original image. This virtual machine is compatible with VMWare, VirtualBox, and other common virtualization… Continue reading Metasploitable 2 Walkthrough: An Exploitation Guide

Metasploitable Walkthrough: An Exploitation Guide

Metasploitable Metasploitable is an Ubuntu 8.04 server install on a VMWare 6.5 image with a number of vulnerable packages included, which can be run on most virtualization software. You can grab your copy at Vulnhub – Metasploitable I used Kali Linux for attacking and VirtualBox for virtualization.

Exit mobile version
%%footer%%